Re: risks of custom clipboard types from Paul Libbrecht on 2011-05-17 (public-webapps@w3.org from April to June 2011)

From: Paul Libbrecht <paul@activemath.org>
Date: Tue, 17 May 2011 18:27:17 +0200
To: Ryosuke Niwa <rniwa@webkit.org>
Cc: "Hallvord R. M. Steen" <hallvord@opera.com>, public-webapps <public-webapps@w3.org>
Message-Id: <0815EA16-5954-41E3-8FB7-5E477F125B34@activemath.org>

Le 17 mai 2011 à 18:20, Ryosuke Niwa a écrit :

> On Tue, May 17, 2011 at 12:26 AM, Paul Libbrecht <paul@activemath.org> wrote:
> I agree it's a risk but since it's only when the user pastes intentionally, I don't think it is a risk to be excluded.
> 
> I don't think it's okay.  I didn't even save the file and file path was invisible to a user.  As a user, I would have never guessed that I was revealing my local file path and thereby my user name when I pasted the content.

On my mac, as far as I know, this can only happen if I copied the the file explicitly (as a file, not as a content). Pasting in some web-page means I want to transmit the information of the clipboard to the page.

paul

Received on Tuesday, 17 May 2011 16:27:43 UTC