Hacker News new | past | comments | ask | show | jobs | submit login

Like jacobush mentions: copy some shell code to clipboard, tell unknowing user to open terminal and do CMD+V and enter.

Or indeed, put some malware site on my clipboard.

Either way, it’s my clipboard and no website should be able to change it without my permission.




I don't know about other browsers, but Webkit/Safari only allows writing to the clipboard when triggered by a user interaction.

Copied from https://webkit.org/blog/10855/async-clipboard-api/:

"The request to write to the clipboard must be triggered during a user gesture. A call to clipboard.write or clipboard.writeText outside the scope of a user gesture (such as click or touch event handlers) will result in the immediate rejection of the promise returned by the API call."


That is reassuring to hear, thanks for digging that up


You don't need an API to do this. You can just use CSS. Try this example- https://thejh.net/misc/website-terminal-copy-paste




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: