Re: CfC: new WD of Clipboard API and Events; deadline April 5

Le 5 sept. 2011 à 16:50, Glenn Maynard a écrit :

> On Mon, Sep 5, 2011 at 6:13 AM, Hallvord R. M. Steen <hallvord@opera.com> wrote:
> Pretty much everything in this spec can be abused to cause nuisance.
> 
> Personally, I'm less than thrilled to see an API giving sites more ability to mangle what I copy.  Clipboard hijacking scripts that add "read more at..." spam to copied text make it painfully clear that sites will actively abuse a clipboard API; I'd sooner see sites have less control, to prevent this gross abuse, not more.  Browsers should copy only what I tell them to copy.

Glenn,

there was a long thread about that at the TAG mailing list.
  http://www.w3.org/mid/AFFAB130-B693-4AC9-91E6-B6834E57B3F5@w3.org

Unfortunately, there is no way to discriminate a page that tries to be useful and a page that tries to lower your actions (as the other one I just sent the webapp mailing list which, btw, uses no clipboard API).

Such a lack of discrimination was also there for JavaScript which could create DoS attacks easily. You can disable javascript but then, who does? It did not become so fashionable anymore... same for applets, flash, ...

Slowly, users start to see the disadvantages of a dirty web-page (e.g. flash advertisement 100% cpu) and I am confident they will not that some pages mingle with their copy ability or actually provide a service to do so.

I'd love to hear your feedback but that's how I feel things and I think we just have to accept it: new technology, new risks, positive and negative.

paul

Received on Monday, 5 September 2011 15:42:10 UTC