openwall.com

ProgrammingSocks, to linux in With Firefox on X11, any page can pastejack you anytime

Wow am I glad for my NoScript usage right now. I’m definitely going to be even more restrictive after this.

smileyhead, to linux in With Firefox on X11, any page can pastejack you anytime

JavaScript was a mistake.

LufyCZ,

Yes, pure HTML pages are so much better and nicer to use!

ClemaX, to linux in With Firefox on X11, any page can pastejack you anytime

Maybe Firefox needs to add a new “Clipboard access” permission that can be granted on a site-per-site basis. When disabled, simple highlight and copy could still be enabled if hidden text cannot be added in between normal text.

The same permission model could be used system wide, but I do not think that such a feature exists on the X server or Wayland. Maybe using a wrapper that runs before the Desktop Environment?

chicken, to linux in With Firefox on X11, any page can pastejack you anytime

this is not a real security issue

This could be a huge security issue for anyone doing cryptocurrency stuff

lemmyvore, to linux in With Firefox on X11, any page can pastejack you anytime

There’s one tiny little problem with the hijack scenario – people only ever paste from the primary selection immediately after selecting something themselves (and thus overwriting whatever was in there). That’s precisely because the primary selection is so easy to overwrite (basically when you select anything), so you want to select and then immediately paste so you don’t lose it.

So in reality this scenario in which a random page injects something in the primary selection and the user pastes it sometime later in a terminal, of all things, probably has like a million to one chance of occurring.

PS: Also, just for trivia, any user who’s been around the console for a while will hit Ctrl+C out of reflex when confronted with unexpected output, not Enter.

jsdz, to linux in With Firefox on X11, any page can pastejack you anytime

I tried to submit it to addons.mozilla.org but they didn’t accept it.

It sort of looks as if they did accept it. If they were hesitant, perhaps it has something to do with the description suggesting that it’s a broken and pointless temporary kludge, as well as calling Firefox “removed”, and the ridiculously irrelevant screenshot.

I didn’t realise it was that easy to build a simple Firefox extension like that. Maybe I’ll modify it to disable the whole clipboard API and some other stuff.

avidamoeba, to linux in With Firefox on X11, any page can pastejack you anytime

Are Chromium browsers affected by this too?
