mailing list archives
Re: [#1298868584] Copy&paste from web browser considered dangerous
From: "Google Security" <security () google com>
Date: Thu, 06 Jun 2013 20:11:03 -0000
Since Chrome is based on Chromium (an open source project), please file
the report directly in their bug tracker: http://crbug.com
The provides a number of benefits:
- You get direct access to the same developers that will triage and fix
the issue; and
- Once it's fixed, the bug will be made public (though if you use the
"Security Bug" template, the bug will be restricted to a small group of
security engineers until this occurs).
The Google Team
Original Message Follows:
From: Pavel Machek <pavel () ucw cz>
Subject: Copy&paste from web browser considered dangerous
Date: Sat, 1 Jun 2013 15:46:00 +0200
Apparently this is known for years, but... there are many legitimate
websites that expect you to copy&paste into terminal, but it is very
easy to paste something you did not want to. Demo is at
I believe it is a bug in the web browser: if text was invisible on the
play tricks with that.
Or alternatively, if text on screen differs from text going to
copy-paste buffer, warning with new text should be displayed.
(security () google cc-ed, at least chromium on debian 6 is affected).
- Re: [#1298868584] Copy&paste from web browser considered dangerous Google Security (Jun 10)