Re: risks of custom clipboard types from Ryosuke Niwa on 2011-05-17 (public-webapps@w3.org from April to June 2011)

From: Ryosuke Niwa <rniwa@webkit.org>
Date: Tue, 17 May 2011 09:20:11 -0700
To: Paul Libbrecht <paul@activemath.org>
Cc: "Hallvord R. M. Steen" <hallvord@opera.com>, public-webapps <public-webapps@w3.org>
Message-ID: <BANLkTimdTjAzy3e1EZuJuFGXKELzpboG8Q@mail.gmail.com>

On Tue, May 17, 2011 at 12:26 AM, Paul Libbrecht <paul@activemath.org>wrote:
>
> I agree it's a risk but since it's only when the user pastes intentionally,
> I don't think it is a risk to be excluded.
>

I don't think it's okay.  I didn't even save the file and file path was
invisible to a user.  As a user, I would have never guessed that I was
revealing my local file path and thereby my user name when I pasted the
content.

- Ryosuke

Received on Tuesday, 17 May 2011 16:20:58 UTC