Hallvord, Yes, content would be limited to providing text, image etc data to the user agent to place on the clipboard, and letting the user agent synthesize whatever formats (JPEG, PNG etc) other apps require. That has the advantage of preventing malicious content using esoteric flags or features to compromise recipients, but conversely means that legitimate content cannot use format-specific features, e.g. content would not be able to write a JPEG containing a comment block, geo tags or timestamp information.
Wez On Sat, 13 Jun 2015 at 11:57 Hallvord Reiar Michaelsen Steen < hst...@mozilla.com> wrote: > On Thu, Jun 11, 2015 at 7:51 PM, Wez <w...@google.com> wrote: > >> Hallvord, >> >> The proposal isn't to remove support for copying/pasting images, but to >> restrict web content from placing compressed image data in one of these >> formats on the clipboard directly - there's no issue with content pasting >> raw pixels from a canvas, for example, since scope for abusing that to >> compromise the recipient is extremely limited by comparison to JPEG, PNG or >> GIF. >> > > Well, but as far as I can tell we don't currently *have* a way JS can > place pixels from a canvas on the clipboard (except by putting a piece of > data labelled as image/png or similar there). So if you're pushing back > against the idea that JS can place random data on the clipboard and label > it image/png, how exactly would you propose JS-triggered copy of image data > to work? Say, from a CANVAS-based image editor? > -Hallvord > >