On 01/20/2017 08:00 PM, Bram Moolenaar wrote: > > sıx wrote: > >> @Bram could you please verify that you have received the PoC and still >> think it's not a vulnerability or at least a bug in handling pastes? > > Yes, the PoC also shows it's much more a browser issue than anything > else. > > I didn't know about the paste bracketing support in xterm, we can add > that anyway. Not that this is directly related to any vulnerability, > just to make pasting work better, avoid that pasted text is > unintentionally interpreted as commands. >
I would appreciate if you make vim pasting work better. After this improvement would be done on vim's side, I think it wouldn't matter if we call it a vulnerability or not and neither that we point the issue to vim or browsers. I mean, javascript or browser developers would say, manipulating clipboard through js is a nice feature to work with and not an issue. The point to me however, is that we could have a better paste. At this point I move on and of course the improvement is totally up to you. Thank you for taking time! sıx -- -- You received this message from the "vim_dev" maillist. Do not top-post! Type your reply below the text you are replying to. For more information, visit http://www.vim.org/maillist.php --- You received this message because you are subscribed to the Google Groups "vim_dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
