> > If this is really the case, it seems that separating Copy from Paste would be proper. > > The spec sort of distinguishes them (but this should probably be spelled out in detail): per the current spec text, copy/cut can be triggered from any trusted or semi-trusted event, while paste is only allowed if the UA is explicitly configured to allow it. But I should explain this better in the spec - especially because I keep forgetting about this myself ;)
I very much agree: it seems like much of the discussion slowing down progress on this spec and subsequent implementations is a concern over unauthorized programmatic access to read the user's clipboard (i.e. synthetic `paste`) but that is NOT part of the spec, nor would I want it to be. That functionality is also NOT supported in Flash: you can still only read the clipboard contents while handling a user-initiated `paste` operation into a Flash UI component. The main desired functionality that is really driving this spec is the synthetic/programmatic `copy` operation. Looking at ZeroClipboard's [1][2] usage statistics provides plenty of evidence that this feature is both increasingly desired by developers [3][4][5] and frequently used by consumers [6]. [1]: ZeroClipboard home page: http://zeroclipboard.org/ [2]: ZeroClipboard repo: https://github.com/zeroclipboard/zeroclipboard/ [3]: Public websites using ZeroClipboard number well over 30,000: https://github.com/zeroclipboard/zeroclipboard/wiki#websites-using-zeroclipboard [4]: ZeroClipboard currently has 3000+ stars on GitHub. [5]: ZeroClipboard averages more than 1000 installs per week via NPM, which is only one of many ways/systems by which developers can get ZeroClipboard: https://www.npmjs.org/package/zeroclipboard [6]: GitHub usage statistics (as of March 2014) for the ZeroClipboard click-to-copy buttons indicate an average of 35,000+ clicks per day. Sincerely, James M. Greene http://greene.io/