On Wed, Feb 28, 2018 at 1:01 AM, Amarjeet Singh <[email protected]> wrote:
> Hi Team, > > I am working on enabling and disabling clipboard. > > I went through *FreeRDP Manual* from which I found the following variable > in rdpSettings structure which is as follows:- > As far as disabling clipboard access within Guacamole is concerned, simply requesting FreeRDP to not use clipboard would be the RDP version of genetically engineering your dinosaurs to be female. You should instead absolutely guarantee that clipboard will not function by controlling things at the Guacamole protocol level, ignoring received clipboard data from the client (by not providing a handler for that data), and not forwarding clipboard data to the client even if received from the RDP server. Recall that, for clipboard data to be received/sent by the client, a "clipboard" instruction is used to establish the stream of data: http://guacamole.apache.org/doc/gug/protocol-reference.html#clipboard-instruction To ensure this does not actually have an effect, you would want to make handling of that instruction conditional depending on some enable/disable flag, and disable sending of clipboard data to connected clients while that flag is sent. Conditional handling of instructions is already used for implementing the "read-only" parameter, and is really what would be required here: https://github.com/apache/guacamole-server/blob/bc5b01d4d8ab0c3c89a08007316d33012261f6b3/src/protocols/rdp/user.c#L97-L114 Besides being reliable, this has the added bonus that the fact that clipboard streams cannot be established is automatically exposed to the client through "ack" instructions, and implementations can choose to handle this by adjusting the interface accordingly, warning the user that clipboard has been disabled, etc. - Mike
