W3C home > Mailing lists > Public > public-webapps@w3.org > July to September 2014

Re: [clipboard] Semi-Trusted Events Alternative

From: Jeffrey Walton <noloader@gmail.com>
Date: Sat, 26 Jul 2014 09:26:48 -0400
Message-ID: <CAH8yC8kYtCYU7gSpXZ0m84_Kzv9XgaxsOzSb_rUD8rZzybHfGw@mail.gmail.com>
To: Perry Smith <pedzsan@gmail.com>
Cc: public-webapps@w3.org
On Sat, Jul 26, 2014 at 9:19 AM, Perry Smith <pedzsan@gmail.com> wrote:
> Sorry if this is a lame question but I never understood the dangers of Copy and Paste that the web is trying to avoid.  Can someone explain that to me?
>
Its a point of data egress. You don't want sensitive information from
one program scraped and egressed by another.

The first program could be a browser and the second program could be
malware. In this case, the malware looks for data placed on the
clipboard by the browser (and hopes to get a username, password,
sensitive document, etc).

Or, it could be another program with the browser scraping the data and
hauling it off to a site.

Jeff
Received on Saturday, 26 July 2014 13:27:14 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:14:26 UTC