Re: Proposal for a DOM L3 Events Telecon

2013-05-01 Thread Wez
Hi guys, mind if I tag along with Gary on the call? On 30 April 2013 13:46, Gary Kačmarčík (Кошмарчик) gary...@google.comwrote: On Mon, Apr 29, 2013 at 12:59 PM, Travis Leithead travis.leith...@microsoft.com wrote: I’d like to propose we start a call to begin to work toward resolving the

Re: Clipboard API: remove dangerous formats from mandatory data types

2015-06-09 Thread Wez
IIUC that approach won't help, because the problem here is not necessarily invalid/malformed data, but even valid data that some decoders fail to handle gracefully. On 9 June 2015 at 14:13, Paul Libbrecht p...@hoplahup.net wrote: On 9/06/15 23:08, Daniel Cheng wrote: So the solution is to

Re: Clipboard API: remove dangerous formats from mandatory data types

2015-06-25 Thread Wez
Sorry Florian, but I don't see what that has to do with whether or not the Clipboard Events spec mandates that web content can generate their own JPEG or PNG and place it directly on the local system clipboard. What is it that you're actually proposing? On Thu, 25 Jun 2015 at 13:31 Florian Bösch

Re: Clipboard API: remove dangerous formats from mandatory data types

2015-06-25 Thread Wez
support that format safely. On Thu, 25 Jun 2015 at 14:16 Florian Bösch pya...@gmail.com wrote: On Thu, Jun 25, 2015 at 3:13 PM, Wez w...@google.com wrote: I think there's obvious value in support for arbitrary content-specific formats, but IMO the spec should at least give guidance on how

Re: Clipboard API: remove dangerous formats from mandatory data types

2015-06-25 Thread Wez
and gifs? On Wed, Jun 24, 2015 at 8:46 PM, Wez w...@google.com wrote: I don't think OpenEXR is one of the formats required by the Clipboard Events spec, is it..? On Wed, Jun 24, 2015, 18:49 Florian Bösch pya...@gmail.com wrote: And how exactly do you intend to support for instance OpenEXR

Re: Clipboard API: remove dangerous formats from mandatory data types

2015-06-25 Thread Wez
give guidance on how to present the capability in a safe way. HTH, Wez On Thu, 25 Jun 2015 at 13:56 Florian Bösch pya...@gmail.com wrote: Well let's say some webapp generates an OpenEXR and wants to put it into the clipboard as image/x-exr which would make sense cause any eventual program

Re: Clipboard API: remove dangerous formats from mandatory data types

2015-06-25 Thread Wez
applications to work around an unenforceable restriction. On Thu, Jun 25, 2015 at 3:21 PM, Wez w...@google.com wrote: And, again, I don't see what that has to do with whether the spec mandates that user agents let apps place JPEG, PNG or GIF directly on the local system clipboard. The spec doesn't

Re: Clipboard API: remove dangerous formats from mandatory data types

2015-06-25 Thread Wez
in-line with the content. And once you've forced such ad-hoc solutions to emerge for meddling with what people can put in the clipboard, you'll have no standing to put that geenie back in the bottle, again, relevant XKCD quote omitted. On Thu, Jun 25, 2015 at 4:48 PM, Wez w...@google.com wrote

Re: Clipboard API: remove dangerous formats from mandatory data types

2015-06-25 Thread Wez
around impossible. On Thu, Jun 25, 2015 at 5:07 PM, Wez w...@google.com wrote: Florian, you keep referring to using application/octet-stream - that's not a format that all user agents support (although the spec says they should ;), nor is there any mention in the spec of what it means to place

Re: Clipboard API: remove dangerous formats from mandatory data types

2015-06-24 Thread Wez
to compromise recipients, but conversely means that legitimate content cannot use format-specific features, e.g. content would not be able to write a JPEG containing a comment block, geo tags or timestamp information. Wez On Sat, 13 Jun 2015 at 11:57 Hallvord Reiar Michaelsen Steen hst

Re: Clipboard API: remove dangerous formats from mandatory data types

2015-06-24 Thread Wez
I don't think OpenEXR is one of the formats required by the Clipboard Events spec, is it..? On Wed, Jun 24, 2015, 18:49 Florian Bösch pya...@gmail.com wrote: And how exactly do you intend to support for instance OpenEXR? On Wed, Jun 24, 2015 at 5:44 PM, Wez w...@google.com wrote: Hallvord

Re: Clipboard API: remove dangerous formats from mandatory data types

2015-06-11 Thread Wez
that to compromise the recipient is extremely limited by comparison to JPEG, PNG or GIF. The UA is still at liberty to synthesize these formats itself, based on the raw imagery provided by the content, to populate the clipboard with formats that other applications want. HTH, Wez On 10 June 2015 at 23

Re: Clipboard API: remove dangerous formats from mandatory data types

2015-06-26 Thread Wez
Florian, as I pointed out earlier, this proposal is to remove the requirement that user agents allow content to set the local system clipboard directly with certain pre-existing clipboard formats, because doing so safely is not possible in general. Removing the requirement from the spec will

Re: Clipboard API: remove dangerous formats from mandatory data types

2015-07-27 Thread Wez
My 2c inline below: On 27 July 2015 at 12:03, Hallvord Reiar Michaelsen Steen hst...@mozilla.com wrote: On Tue, Jun 9, 2015 at 8:39 PM, Daniel Cheng dch...@google.com wrote: Currently, the Clipboard API [1] mandates support for a number of formats. Unfortunately, we do not believe it is

Re: Clipboard API: remove dangerous formats from mandatory data types

2016-02-08 Thread Wez
applications losslessly. e.g. transcoding to BMP would remove JPEG location, time/date, etc annotations. The bug you refer to looks like it's talking about intra-Browser, i.e. content->content, copy/paste operations for arbitrary MIME-types? Cheers, Wez @ Google On 6 February 2016 at 05