| Summary: | When pasting requires fetching remote content, ask for permission | | |
|---|---|---|---|
| Product: | LibreOffice | Reporter: | Eyal Rozenberg <eyalroz1> |
| Component: | Writer | Assignee: | Not Assigned <libreoffice-bugs> |
| Status: | UNCONFIRMED --- | | |
| Severity: | normal | CC: | aron.budea, caolan.mcnamara, dgp-mail, heiko.tietze, himajin100000, telesto |
| Priority: | medium | Keywords: | needsDevAdvice |
| Version: | Inherited From OOo | | |
| Hardware: | All | | |
| OS: | All | | |
| See Also: | https://bugs.documentfoundation.org/show_bug.cgi?id=148407 | | |
| Whiteboard: | | | |
| Crash report or crash signature: | | Regression By: | |
| Attachments: | Example file | | |

Description
Eyal Rozenberg
2022-04-09 14:47:50 UTC
Caolan, do we really fetch content on paste? Smells like a security issue.

Typically there are utilities available for the various platforms to examine the clipboard which you can use to have a look at what is going on. Normally when something is "copied" it's just marked as available to be requested from the source app on demand in a variety of optional formats and the destination app picks its favorite one. In this specific case I don't know what the situation is, using a clipboard utility should make it possible to get the source data out of the clipboard to see what it is.

Eyal, please use a clipboard inspection tool to find what specifically is fetching content from exemplary web site.

(In reply to Caolán McNamara from comment #2)
I wouldn't mind using a clipboard utility, but I don't think that's the point. The point is that if it's possible that the clipboard content provider will perform some network operations, then it would make sense for LO to ask permission to have that happen. If a clipboard utility can determine whether or not that's the case, then theoretically, so can LO. Does the clipboard API not indicate whether the content is readily available, or requires additional processing?

(In reply to Heiko Tietze from comment #3)
Use which clipboard utility? And what information from that utility would you like?

Created attachment 179464 [details]
Example file
@Heiko
A) Maybe start with something simple (without the clipboard stuff). This file contains an image which links to a file (webfile) instead of local disk.
In Calc you get this file uses external data, do you want to update..
Here it simply downloads images from the web. The image here is high res (5 mb)(so throttle the bandwidth to 7 mbit) and you start noticing lags..
Aside from that, you as a user cannot tell what the document contains.. If those links are safe to download...
---
b) Another dimension of the topic is that image is treated as if it's stored locally. It isn't buffered after a successful download.
So if you change context it simply starts the whole download again (Say Opening Image dialog closing dialog & scrolling).
It's really assuming the image is locally stored (or on fast network drive)
---
c) And well here the image won't show in document. It keeps failing.. but well might be because of the stuff mentioned under b

I don't know in this case if it's the content of the clipboard data which, when parsed by LibreOffice, makes LibreOffice download from a remote location. Or if the fetch over the network is done by the source application when it prepares what to present to the destination application of LibreOffice. There can be a lot of moving parts in cut&paste and various platform specific factors. If the platform you are using is Linux then xclip is probably easily installable and xclip -selection clipboard -t TARGETS is a good place to start to see what formats are available to get data in from the clipboard

(In reply to Caolán McNamara from comment #6)
> If the platform you are using is Linux then xclip is probably easily
> installable and xclip -selection clipboard -t TARGETS is a good place to
> start to see what formats are available to get data in from the clipboard
When I invoke that command, nothing happens. It waits and waits and prints nothing, regardless of what I copy or paste.

[Automated Action] NeedInfo-To-Unconfirmed

From UX POV, if we really fetch 3rd party content I expect a confirmation, whether per dialog or via infobar presuming acceptance, and/or an option "[x] Ask to load content from 3rd parties". But I guess it's either NAB or NOB.

(In reply to Heiko Tietze from comment #9)
> But I guess it's either NAB or NOB.
No further input for more than a year. Kind reminder to our developers.
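
The confirmation requested in this report needs a check that runs before anything is fetched. As an added illustration (not LibreOffice code and not part of the thread), this sketch scans a clipboard text/html payload for references a renderer would load automatically; the tag/attribute list, function names and sample payloads are assumptions.

```python
# Added illustration, not LibreOffice code. Assumption: the application has
# read the clipboard's text/html payload but has not rendered or fetched it.
from html.parser import HTMLParser

# Tag -> attributes a renderer loads without user action (assumed list).
AUTO_LOAD = {
    "img": ("src", "srcset"), "source": ("src", "srcset"),
    "video": ("src", "poster"), "audio": ("src",), "iframe": ("src",),
    "embed": ("src",), "object": ("data",), "link": ("href",),
}
REMOTE_SCHEMES = {"http", "https", "ftp"}


class RemoteRefScanner(HTMLParser):
    """Collects (tag, url) pairs that would trigger a network fetch."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.remote = []

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            if not value or name not in AUTO_LOAD.get(tag, ()):
                continue
            # srcset holds comma-separated "url descriptor" candidates.
            parts = value.split(",") if name == "srcset" else [value]
            for part in parts:
                fields = part.split()
                url = fields[0] if fields else ""
                scheme, sep, _ = url.partition(":")
                # "//host/path" is scheme-relative and still remote;
                # data: URIs and relative paths are not flagged.
                if url.startswith("//") or (sep and scheme.lower() in REMOTE_SCHEMES):
                    self.remote.append((tag, url))


def remote_references(html_fragment):
    """Return every auto-loaded remote reference in the fragment."""
    scanner = RemoteRefScanner()
    scanner.feed(html_fragment)
    scanner.close()
    return scanner.remote


def needs_permission(html_fragment):
    """Policy from the report: ask before any third-party fetch."""
    return bool(remote_references(html_fragment))


# Constructed sample payloads (example.com is a placeholder host).
REMOTE_PASTE = '<p>Chart</p><img src="https://example.com/big.png" alt="">'
LOCAL_PASTE = '<p>Chart</p><img src="data:image/png;base64,AAAA" alt="">'
```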