Re: [Clipboard] checking if implementation allows reading/writing a given type to the OS clipboard from Ryosuke Niwa on 2012-02-17 (public-webapps@w3.org from January to March 2012)

From: Ryosuke Niwa <rniwa@webkit.org>
Date: Fri, 17 Feb 2012 11:24:48 -0800
To: Paul Libbrecht <paul@hoplahup.net>
Cc: Daniel Cheng <dcheng@chromium.org>, "Hallvord R. M. Steen" <hallvord@opera.com>, public-webapps@w3.org
Message-ID: <CABNRm62761NXqPYKvkZctUqLhvtRJ5ki34dfH8ZrjUUt-Bc7Xw@mail.gmail.com>

On Fri, Feb 17, 2012 at 11:15 AM, Paul Libbrecht <paul@hoplahup.net> wrote:

>
> Le 17 févr. 2012 à 19:23, Daniel Cheng a écrit :
>
> Any MIME type support restrictions that apply to clipboard MIME types will
> almost certainly apply to DnD MIME types as well. Therefore, it wouldn't
> make sense to tie it to ClipboardEvent.
>
>
> Not sure to understand what "lie" means.
>

"tie", not "lie".

Also, what does it mean to be "supported"? In new versions of Chrome, any
> kind of MIME type is supported in the sense that you can set data for any
> arbitrary type, and it can be understood by any browser that uses the same
> native conventions (I'd be happy to work with any other developers
> interested in making sure this works across different browsers on the same
> computer).
>
>
> This sounds like a huge security leak. What if trusted web-site
> docs.google.com receives a paste of easy.cms.com that just got hacked
> with a hack that a kind html containing a script that reads the cookie when
> executed?
>

In general, it's websites' responsibility to sanitize data they get from
getData.


On Fri, Feb 17, 2012 at 11:18 AM, Paul Libbrecht <paul@hoplahup.net> wrote:
>
> Le 17 févr. 2012 à 19:25, Ryosuke Niwa a écrit :
>
> Yes, it does happen: I think I know that in Windows the supported
>> flavour-names depend on the launched applications. On Mac it depends on the
>> applications whose descriptor has been loaded (by the Finder I think, it
>> might also be those that have been launched once). At least an
>> application download and launch can cause a change in the supported
>> media-types of the OS.
>>
>
> Right. These will become problems if we decide to expose all platform
> types.
>
> However, would the browsers be informed of such a change? Would they be
>> able to consider a given type as being safe and not needing a sanitization?
>>
>
> I don't think that's possible without some sort of pre-knowledge about how
> the data is processed. In practice, we always hard-code this kind of
> information somewhere so I'm even not sure if such an elaborate behavior
> can be implemented.
>
> If anyone is willing to consider trusted web-sites (and MSIE already
> does?) then it is worth included.
>

Yeah, I think it's worth paying attention to this case.

- Ryosuke

Received on Friday, 17 February 2012 19:25:39 UTC