Is it worth making the user agent prompt the user to confirm the copy if it detects anything that isn't text?
That is not as bad as disabling a feature when certain input is used however it would contribute to more error blindness. Perhaps there should be a note under security considerations that the user agent should let the underlying OS / antivirus check the copied text. On Sat, Jun 13, 2015 at 2:56 AM James M. Greene <james.m.gre...@gmail.com> wrote: > On Jun 11, 2015 2:02 PM, "Elliott Sprehn" <espr...@chromium.org> wrote: > > > > I don't think the clipboard should forbid inserting image data, there's > so many ways to compromise desktop software. ex. pasting text/html into > Mail.app might even do it. This API shouldn't be trying to prevent that. > > +1, thank you! > > ~~James >