Add privacy considerations for the clipboardchange event #230
Labels
privacy-tracker
Group bringing to attention of Privacy, or tracked by the Privacy Group but not needing response.
Comments
tjwhalen
added
the
privacy-tracker
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The Asynchronous Clipboard API allows reading the clipboard (including copied passwords), at any time by default, but the privacy considerations for it suggest that UAs might restrict it to after a user gesture. If a page is trying to steal data, it has to guess when that data's likely to be on the clipboard. It can poll, but polling is potentially suspicious, and a UA might alert the user or take other countermeasures.
clipboardchangechanges the behavior to allowing the page to trivially track the entire history of the clipboard. This should be called out in the privacy considerations, and the WG should describe any potential mitigations there, since the first current mitigation in that section doesn't apply to this new event.The text was updated successfully, but these errors were encountered: