Slashdot Mirror

← Back to Stories (view on slashdot.org)

Clipboard Data Theft Now Optional With IE7

Posted by Zonk on Thursday December 21, 2006 @08:08AM from the options-are-good dept.

An anonymous reader writes "It's been known for a long time that Internet Explorer will happily allow any Web site to steal data that users have recently cut-and-pasted or copied into the Windows 'clipboard' data storage area. Well, now it looks like Microsoft has finally decided that this 'feature' was probably ill-advised, according to The Washington Post's Security Fix blog. IE7 throws up a warning asking whether users really want to let a site filch their clipboard data (Firefox, Opera and most other non-IE browsers forbid this behavior by default)."

4 of 162 comments (clear)

Min score:

Reason:

Sort:

Comment removed by account_deleted · 2006-12-21 08:25 · Score: 3, Informative

Comment removed based on user account deletion
Re:not quite by uncommonlygood · 2006-12-21 08:37 · Score: 5, Informative

Don't know about the others, but firefox definitely does implement it, it's just off by default.
Re:Are both ways fixed? by lostboy2 · 2006-12-21 09:15 · Score: 4, Informative

Not "fixed" (as in removed), but apparently you can turn it off in IE4 through IE6.
Re:not quite by master_p · 2006-12-21 11:28 · Score: 3, Informative

But copy-paste works locally. When you copy-paste data between your documents, even on the web, javascript puts the data on the local clipboard. Remote apps should not be able to steel data from the local clipboard.