[clipboard] Semi-Trusted Events Alternative

Semi-trusted events in the Clipboard API spec [1] are a potential solution to an important problem- sites should be able to use the same infrastructure (clipboard events) with their own triggers (button with execCommand('paste') as browser initiated clipboard operations (like user presses control+v or uses the context menu's 'paste' option). However, I don't really know if 'semi-trusted' events are the solution. Users will almost certainly be using the keyboard or mouse with websites, so requiring an event to originate from keyboard or mouse doesn't seem to make them trusted at all. I know there has been some discussion of removing them from the spec [2]. What is the status of that?

As an alternative to semi-trusted events, perhaps we should have something similar to input type="file"? Perhaps a new input type that must display a localized word for "cut", "copy", or "paste", and must not be occluded by any other element, could trigger real, trusted clipboard events? I'm not sure how this would work, but it seems worth a discussion at least.

Ben

[1] http://www.w3.org/TR/clipboard-apis/#semi-trusted-events
[2] http://lists.w3.org/Archives/Public/public-webapps/2014AprJun/0086.html

Received on Tuesday, 22 July 2014 22:17:40 UTC