Xpra: Ticket #273: macos to handle more clipboard formats, converting them on the fly

At the moment, we simply drop these types of clipboard data:

if type in ("WINDOW", "PIXMAP", "BITMAP", "DRAWABLE", "PIXEL", "COLORMAP"):
    debug("skipping clipboard data of type: %s, format=%s, len(data)=%s", dtype, dformat, len(data))
    return None, None

We could try to handle some of those, and provide them in multiple formats since we generally have PIL available for converting between formats.

From a security POV, it probably makes sense to always convert formats so that we can "guarantee" that the data we send over the wire is not malicious? Think: an application providing a JPEG based buffer overflow via the clipboard: worst case scenario is that the xpra server crashes parsing it or maybe it gets compromised, but the client machine will not receive the malicious content directly. But then again, if you can exploit the server, you can then inject the bad content in there.. I guess it's still a first line of defense.



Wed, 20 Mar 2013 14:28:05 GMT - Antoine Martin: status, milestone changed


Thu, 31 Oct 2013 07:46:11 GMT - Antoine Martin:

Now that both OSX and win32 are using synchronous clipboard code (pretty much) and OSX is using at least some native call (see #318 for details) It probably makes sense to use native libraries directly for accessing rich formats:


Tue, 09 Feb 2016 18:04:14 GMT - Antoine Martin:

Some links:


Fri, 17 Mar 2017 06:19:15 GMT - Antoine Martin: milestone changed


Mon, 06 May 2019 05:11:29 GMT - Antoine Martin:

See also #2289


Fri, 20 Sep 2019 14:38:06 GMT - Antoine Martin: status, milestone changed


Thu, 05 Mar 2020 10:42:59 GMT - Antoine Martin: keywords, status, component, milestone changed

For win32: #2619


Wed, 10 Jun 2020 15:28:49 GMT - Antoine Martin: summary changed

html5 was done in #2312

This only leaves macos for this ticket. (summary updated)

Examples:


Thu, 11 Jun 2020 08:36:12 GMT - Antoine Martin: status changed; resolution set

MacOS clipboard updates:

Generic clipboard updates:

We should also sanitize images in both directions: #2808.


Sat, 23 Jan 2021 04:50:14 GMT - migration script:

this ticket has been moved to: https://github.com/Xpra-org/xpra/issues/273