On 9/06/15 23:08, Daniel Cheng wrote:
>     So the solution is to require that browsers that make known
>     media-types in the clipboard actually parse it for its value? That
>     sounds doable (and probably even useful: e.g. put other picture
>     flavours in case of a pictures).
> I don't think I understand what this means.
Since the browser is what would act on behalf of JS when putting a given
data into the clipboard, it could check that this data is well formed
and maybe matches the patterns of known exploits.


Attachment: signature.asc
Description: OpenPGP digital signature

Reply via email to