Status of the Clipboard API spec: There are some open bugs. The test suite is 
on its way into web-platform-test but there's no progress on the review AFAIK.

Apart from those bugs I think the spec is quite solid. Here are the bugs:
https://www.w3.org/Bugs/Public/buglist.cgi?product=WebAppsWG&component=Clipboard%20API%20and%20events&resolution=---

I'll comment on each to give a status update, please comment in the relevant 
bugs if you have input or ideas:

21700   spec "strip possibly dangerous content before inserting rich text paste 
markup"
I was hoping there is an algorithm to sanitize HTML somewhere else that we can 
just reference. A full algorithm doesn't really belong in this spec. I haven't 
so far found the right thing to refer to.

21699   [spec.next] figure out how to make clipboard data type support 
discoverable
This requires coming up with a new API method and resolving fingerprinting 
concerns. It would be nice to have but I haven't figured it out yet, and IMO we 
can ship the current spec first and do this in a future version..

23538   Sort out markup from local source (i.e. word processor) referencing 
images on disk
This needs some feedback from developers who have worked on clipboard 
integration on various platforms. The main question: is it generally possible 
on [platform] to tell whether a string of HTML was placed on the clipboard by a 
local application? Some HTML on the clipboard might come from 

* a web page, opened in some random web browser, content copied by the user or 
written to clipboard by JS
* a word processor or other software running locally

Is there any hope of being able to distinguish those scenarios across 
platforms? If not we need to wontfix this and change the spec accordingly.


27010   allow beforepaste event listeners to inspect type of clipboard contents 
(?)
This is a relatively easy fix, but it may have some privacy implications that 
we haven't figured out yet.

21698   figure out if we can add MathML to "Mandatory data types" list
This one probably just needs a bit more discussion and votes for/against? I'm 
not sure what this requires from implementors or what native types (if any) 
match MathML.

23536   figure out if "mixed clipboard content" is testable, write tests if it 
is
Still don't know how or if this really works on various platforms.

23537   [spec.next] expose origin of HTML markup when possible?
IE adds some meta data to the HTML when writing it to the clipboard. We should 
perhaps spec IE's format, or maybe mandate that implementations writing HTML to 
the clipboard should also add a text/uri-list entry giving the original 
location of the HTML content? Then we might add an event.sourceURL property. 
This is also a features-vs-privacy thing, I'm not absolutely certain I want to 
inform any page I paste into what page I copied something from. But some pages 
or apps could probably make good use of this information.

I'd like to get 21700, 23538, 27010 and 21698 addressed before a new WD. Input 
from implementors and web developers is always welcome, of course.
-Hallvord

Reply via email to