W3C home > Mailing lists > Public > public-webapps@w3.org > April to June 2011

Re: safeguarding a live getData() against looping scripts? (was: Re: clipboard events)

From: Paul Libbrecht <paul@hoplahup.net>
Date: Thu, 19 May 2011 08:43:20 +0200
Cc: public-webapps@w3.org
Message-Id: <54EE770E-7BF4-435C-9112-3FD73E939E03@hoplahup.net>
To: Joćo Eiras <joao.eiras@gmail.com>

Le 19 mai 2011 ą 02:11, Joćo Eiras a écrit :

> getData and setData must work outside clipboard events, like when clicking paste/copy/cut buttons on a toolbar. The clipboardData object needs to be exposed on the window, like in IE.

I fully disagree here.
This is exactly what has made the CnP API of MSIE a plague with a very bad press coverage.

getData and setData can only be used within the event processing which must be triggered by the user-agent at a user-recognizable invocation of the copy/cut or paste command.

That some browsers allow differently for "trusted sites" is ok to me but should not be an essential focus of this spec I find.

> To handle the getData case, I've thought of adding a proxy clipboard per browsing context. Read operations read from the proxy clipboard, write operations write to the proxy and system clipboards. User initiated actions like dropping, or pasting would update the proxy clipboard with the system clipboard contents, prior to the event being dispatched on the webpage.

I *think* that is a good strategy.

Received on Thursday, 19 May 2011 06:43:49 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:13:19 UTC