Re: [w3ctag/design-reviews] ClipboardChange event API (Issue #1017)

Hi @garykac –

First, a bit of context: The TAG feels the whole clipboard API is more permissive regarding permission than it should be. Also to be clear, we understand that your position is that this is required for the remote desktop scenario in order to allow for seamless clipboard access. The concern we have is about abuse of this API in *other* scenarios. Remember that web users will also be using other web applications, visiting other web sites, and will be subject to the same risks and attacks as any other web users.

For example: user receives a text message from a scammer purporting to be from a trustworthy site; user clicks on the URL in the text message; now they are interacting with a web page that looks benign but it's really a scam web site; the web site convinces the user to paste something into the page; the web site shows the permission prompt, which of course the user accepts, and thereafter it's able to scrape any info off the user's clipboard any time it gets focus.
  
We also think the remote desktop use cases would work fine if it only works on paste, and without the clipboardchange event, websites don't know when a copy happens and so are incentivized to only read the clipboard on paste. With clipboardchange, they get a new incentive to be incompatible with Firefox and Safari, which [isn't good for the Web](https://www.w3.org/TR/ethical-web-principles/#multi). Before endorsing clipboardchange, we'd like to see an explanation for why that won't happen.

-- 
Reply to this email directly or view it on GitHub:
https://github.com/w3ctag/design-reviews/issues/1017#issuecomment-2616519376

Message ID: <w3ctag/design-reviews/issues/1017/2616519376@github.com>

Received on Monday, 27 January 2025 17:58:19 UTC