Re: risks of custom clipboard types

Le 17 mai 2011 à 09:21, Ryosuke Niwa a écrit :

> On Tue, May 17, 2011 at 12:11 AM, Paul Libbrecht <> wrote:
> Ryosuke,
> why would sensitive information be readable or writable?
> Because it has been available through clipboard.  e.g. a popular productivity application puts a local file path in link elements whenever you copy & paste table cells.


A "link" in the sense of a web-link with appropriate media-type or flavour is, to my understanding, something ok. It's a path only (it's not access to that path) and it is even formulated for "web purpose". I agree it's a risk but since it's only when the user pastes intentionally, I don't think it is a risk to be excluded.
Actually, if on my Mac now, I copy a file from the Finder and paste plain text in jEdit, I get the file-name, that's ok I think.
A "link" in the OLE sense has no way to be allowed.

You did mean the first form, did you not?


Received on Tuesday, 17 May 2011 07:28:35 UTC