On Mon, Sep 15, 2014 at 4:27 AM, Arthur Barstow <art.bars...@gmail.com> wrote: > This is a heads-up Hallvord intends to publish a WD of "Clipboard API and > events" and he is targeting a publication date of September 18. The ED > > <http://dev.w3.org/2006/webapi/clipops/clipops.html> > > If anyone has any comments or concerns about this plan, please let us know > before the 18th. Please forgive my ignorance. But I don't see a requirement that data egressed from the local machine to be protected with SSL/TLS.
Also, if the origin uses a secure scheme like HTTPS, then shouldn't the script's also require the same? That is, shouldn't the spec avoid fetching from https://www.example.com and then shipping clipboard data off to http://www.ads.com? Is these intended?