[Webkit-unassigned] [Bug 244761] New: Web pages can overwrite your system clipboard without your knowledge

Sat Sep 3 06:56:50 PDT 2022

https://bugs.webkit.org/show_bug.cgi?id=244761

            Bug ID: 244761
           Summary: Web pages can overwrite your system clipboard without
                    your knowledge
           Product: WebKit
           Version: Safari 15
          Hardware: All
               URL: https://lapcatsoftware.com/articles/clipboard.html
                OS: All
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: New Bugs
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: opendarwin at lapcatsoftware.com

In Safari, the APIs navigator.clipboard.writeText() and document.execCommand("copy") are gated by a user gesture requirement, but this requirement is far too lenient.

In my testing, the following DOM events give a web page permission to use the clipboard API to overwrite your system clipboard:

click
copy
cut
focusout
keydown
keyup
mousedown
mouseup
pointerdown (desktop only)
pointerup (desktop only)
selectstart

Therefore, a gesture as innocent as clicking on a link or pressing the arrow key to scroll down the page gives the web site permission to overwrite your system clipboard.

There's a demonstration of this here: https://lapcatsoftware.com/articles/clipboard.html

A user gesture is not user consent. There can be no consent without understanding, and users don't understand that these commonplace gestures can allow a web page to overwrite their system clipboard.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20220903/7c484c81/attachment.htm>