W3C home > Mailing lists > Public > public-webapps@w3.org > July to September 2014

Re: [clipboard] Semi-Trusted Events Alternative

From: Brian Matthews (brmatthe) <brmatthe@cisco.com>
Date: Mon, 15 Sep 2014 20:53:51 +0000
To: "Hallvord R. M. Steen" <hsteen@mozilla.com>, Ben Peters <Ben.Peters@microsoft.com>, "James M. Greene" <james.m.greene@gmail.com>
CC: Perry Smith <pedzsan@gmail.com>, "public-webapps@w3.org" <public-webapps@w3.org>
Message-ID: <D03C9FA0.809B%brmatthe@cisco.com>
On 9/13/14, 1:58 PM, "Hallvord R. M. Steen" <hsteen@mozilla.com> wrote:

> * copy/cut: we allow writing to the clipboard when copy/cut events are
>triggered from trusted UI, and when document.execCommand('copy') and
>document.execCommand('cut') are called from any JS thread that would be
>allowed to open a popup (i.e. generally in response to user interaction)

So does this mean that any page that can pop up a window today will be
able to put stuff on my system clipboard? As popup blockers in the various
browsers are pretty ineffectual (sorry browser authors), this concerns me,
I really donšt want a browser putting anything on my clipboard unless I
explicitly tell it to, and moving the mouse on a page or clicking anywhere
on a page (both things Išve seen trigger popups) isnšt me being explicit.

Brian
Received on Monday, 15 September 2014 20:54:23 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:14:26 UTC