ISSUE-85: What are common security practices for Clipboard APIs?

clipops security practice

What are common security practices for Clipboard APIs?

State:
POSTPONED
Product:
HISTORICAL: Clipboard Operations [this spec uses Bugzilla for all Bug/Issue tracking http://tinyurl.com/Bugz-clipboard-apis]
Raised by:
Charles McCathie Nevile
Opened on:
2009-03-09
Description:
What are the common security restrictions and considerations that should be listed in the clipboard apis spec?
Related Actions Items:
No related actions
Related emails:
  1. Re: ISSUE-85 (clipops security practice): What are common sucrity practices for Clipboard APIs? [Clipboard Operations] (from paul@activemath.org on 2009-03-10)
  2. Re: ISSUE-85 (clipops security practice): What are common sucrity practices for Clipboard APIs? [Clipboard Operations] (from joaoe@opera.com on 2009-03-09)
  3. ISSUE-85 (clipops security practice): What are common sucrity practices for Clipboard APIs? [Clipboard Operations] (from sysbot+tracker@w3.org on 2009-03-09)

Related notes:

I think the write/read distinction proposed by João in email of 2009-03-09 is interesting but I haven't yet convinced myself that having a more complex model is worth the complexity. Right now, per spec, sites *have* write access by default if the UA is certain of the user's intention to trigger a copy/cut action (i.e. using UA menus or shortcuts like ctrl-x/ctrl-c). The gain from adding a separate pref to allow sites to call document.execCommand('copy') yet not allow document.execCommand('paste') seems rather small.

Hallvord Steen, 1 Mar 2013, 13:59:31

Display change log ATOM feed


Chair, Staff Contact
Tracker: documentation, (configuration for this group), originally developed by Dean Jackson, is developed and maintained by the Systems Team <w3t-sys@w3.org>.
$Id: 85.html,v 1.1 2016/01/25 10:26:24 carine Exp $