Hi Ryosuke Niwa, responding to this on list:
I think I have raised my concern before but what should happen if script calls getData() within a copy/cut event handler?
With the current version of the spec, no data from the actual OS clipboard will be visible in copy/cut event processing. I have however not added any specific limitations on calling getData() during copy/cut events, so if the script already used setData() it will return any added data of the requested format.
Does that sound OK to you?
Also, scripts shouldn't be able to call clearData() during copy/cut events, correct?
Why not? Is it useful in any other context?
For "10. Cross-origin copy/paste of source code", we might also want to consider stripping elements that can refer to external URLs such as link, meta, base, etc...
Those will typically be in the HEAD and not usually part of a pasted fragment. We certainly don't want to remove A tags or their HREFs, so I'm not sure why we'd want to remove e.g. LINK.
-- Hallvord R. M. Steen, Core Tester, Opera Software http://www.opera.com http://my.opera.com/hallvors/
