Re: [clipboard] Semi-Trusted Events Alternative

On Mon, Sep 15, 2014 at 1:42 PM, Hallvord R. M. Steen
<hsteen@mozilla.com> wrote:
>> 2. Allow reading data from the clipboard at any time if the data there
>> originated from the current origin. Thereby making the API as helpful
>> as possible for the case when data is copied within a website.
>
> So, I'm not yet "sold" on this suggestion. As I said already it's interesting - but it adds complexity to security/privacy-sensitive programming logic, and it might add layers of confusion for users. "The paste button worked fine a moment ago, why doesn't it work now??". "Copying from tab A worked fine and I could paste, copying from tab B fails??".

If we enable the website to check if it has the ability to read data
from the clipboard, then the website can gray out the "paste" button
as appropriate. Or replace it with text indicating that the user has
to use other actions to paste.

But yes, it does create a more complex UI for the user. And a more
complex API for the author.

/ Jonas

Received on Monday, 15 September 2014 21:33:54 UTC