At the moment, we simply drop these types of clipboard data:
if type in ("WINDOW", "PIXMAP", "BITMAP", "DRAWABLE", "PIXEL", "COLORMAP"): debug("skipping clipboard data of type: %s, format=%s, len(data)=%s", dtype, dformat, len(data)) return None, None
We could try to handle some of those, and provide them in multiple formats since we generally have PIL available for converting between formats.
From a security POV, it probably makes sense to always convert formats so that we can "guarantee" that the data we send over the wire is not malicious? Think: an application providing a JPEG based buffer overflow via the clipboard: worst case scenario is that the xpra server crashes parsing it or maybe it gets compromised, but the client machine will not receive the malicious content directly. But then again, if you can exploit the server, you can then inject the bad content in there.. I guess it's still a first line of defense.
Now that both OSX and win32 are using synchronous clipboard code (pretty much) and OSX is using at least some native call (see #318 for details) It probably makes sense to use native libraries directly for accessing rich formats:
Some links:
See also #2289
For win32: #2619
html5 was done in #2312
This only leaves macos for this ticket. (summary updated)
Examples:
NSTIFFPboardType
?
def copyToPasteboard_(self, string): pasteboard = NSPasteboard.generalPasteboard() pasteboard.declareTypes_owner_([NSStringPboardType], self) pasteboard.setString_forType_(string, NSStringPboardType)
MacOS clipboard updates:
Generic clipboard updates:
We should also sanitize images in both directions: #2808.
this ticket has been moved to: https://github.com/Xpra-org/xpra/issues/273