Communities

Writing
Writing
Codidact Meta
Codidact Meta
The Great Outdoors
The Great Outdoors
Photography & Video
Photography & Video
Scientific Speculation
Scientific Speculation
Cooking
Cooking
Electrical Engineering
Electrical Engineering
Judaism
Judaism
Languages & Linguistics
Languages & Linguistics
Software Development
Software Development
Mathematics
Mathematics
Christianity
Christianity
Code Golf
Code Golf
Music
Music
Physics
Physics
Linux Systems
Linux Systems
Power Users
Power Users
Tabletop RPGs
Tabletop RPGs
Community Proposals
Community Proposals
tag:snake search within a tag
answers:0 unanswered questions
user:xxxx search by author id
score:0.5 posts with 0.5+ score
"snake oil" exact phrase
votes:4 posts with 4+ votes
created:<1w created < 1 week ago
post_type:xxxx type of post
Search help
Notifications
Mark all as read See all your notifications »
Users Search
Help Dashboard Sign In Sign Up
Q&A Meta
Q&A
Posts Tags Edits
Ask Question

Welcome to the Power Users community on Codidact!

Power Users is a Q&A site for questions about the usage of computer software and hardware. We are still a small site and would like to grow, so please consider joining our community. We are looking forward to your questions and answers; they are the building blocks of a repository of knowledge we are building together.

Post History

75%
+4 −0
Q&A What are the security or privacy implications of browser clipboard events?

For context, I use Firefox to browse the Web. Some time ago, I followed some security- and privacy-oriented advice for configuring Firefox, which recommended (among many other things) disabling the...

1 answer  ·  posted 9mo ago by Karl Knechtel‭  ·  last activity 9mo ago by matthewsnyder‭

Question information-security web-browsers javascript clipboard
#1: Initial revision by user avatar Karl Knechtel‭ · 2024-02-23T14:10:47Z (9 months ago) 
What are the security or privacy implications of browser clipboard events?
For context, I use Firefox to browse the Web. Some time ago, I followed some security- and privacy-oriented advice for configuring Firefox, which recommended (among many other things) disabling the `dom.event.clipboardevents.enabled` setting.

My understanding is that this prevents the browser from generating events when content is cut, copied or pasted from/to a text field on the page. I further understand that JavaScript on the page can respond to these events, but for security reasons, the browser does not otherwise allow JavaScript code to access the clipboard. But existing information I can find on this topic all seems to be at least a decade old.

In practical terms, it seems that disabling the setting prevents some web pages from blocking attempts to copy page text, or from modifying the text that is put on the clipboard e.g. to include ad links back to the site. However, it also seems to prevent or interfere with pasting text into certain web apps, including Twitch and Discord.

I'm trying to decide how to approach this setting. **Do clipboard events entail any kind of security or privacy risk**, generally speaking, in modern environments? For example, if I paste into an app on one browser tab, could that information leak to other tabs? If not, I think I will find it more practical to leave events enabled by default, and only temporarily disable them when they cause a problem.
information-security web-browsers javascript clipboard