- From: Paul Libbrecht <paul@hoplahup.net>
- Date: Tue, 09 Jun 2015 23:13:38 +0200
- To: Daniel Cheng <dcheng@google.com>, Olli Pettay <olli@pettay.fi>, public-webapps <public-webapps@w3.org>
Received on Tuesday, 9 June 2015 21:14:22 UTC
On 9/06/15 23:08, Daniel Cheng wrote: > > So the solution is to require that browsers that make known > media-types in the clipboard actually parse it for its value? That > sounds doable (and probably even useful: e.g. put other picture > flavours in case of a pictures). > > I don't think I understand what this means. Since the browser is what would act on behalf of JS when putting a given data into the clipboard, it could check that this data is well formed and maybe matches the patterns of known exploits. paul
Received on Tuesday, 9 June 2015 21:14:22 UTC