LGTM3

It's really not great that the sanitization steps are not specified, but
given that this is simply extending where the HTML
sanitization steps apply, I guess this doesn't significantly increase our
tech debt on that front.

How hard would it be to specify the sanitization steps we implemented for
both HTML and SVG on top of the Sanitizer API?

On Tue, Feb 27, 2024 at 11:07 PM Anupam Snigdha <sni...@microsoft.com>
wrote:

> The exact steps of the sanitization process aren't specified anywhere since
> it's very fluid and also subject to change based on the outcome of the
> Sanitizer API proposal. Since the HTML format already uses this sanitizer,
> we decided to use it for SVG format as well. This was also proposed by the
> security team:
> https://docs.google.com/document/d/1jq8QSCQRdNy99rnPusmW8is62c22PVuq-Sk-tMT2tRk/edit?disco=AAAAGzUW4fQ
> ------------------------------
> *From:* Yoav Weiss (@Shopify) <yoavwe...@chromium.org>
> *Sent:* Tuesday, February 27, 2024 1:53 PM
> *To:* Anupam Snigdha <sni...@microsoft.com>
> *Cc:* Daniel Bratell <bratel...@gmail.com>; Chris Harrelson <
> chris...@chromium.org>; Thomas Steiner <to...@google.com>; Evan Stade <
> est...@chromium.org>; Anupam Snigdha <snianu.micros...@gmail.com>; 一丝 <
> yio...@gmail.com>; blink-dev <blink-dev@chromium.org>;
> sligh...@chromium.org <slightly...@chromium.org>; svo...@gmail.com <
> s...@voisen.org>; pwn...@chromium.org <pwn...@chromium.org>; Marijn
> Kruisselbrink <m...@chromium.org>; huang...@chromium.org <
> huangdar...@chromium.org>; mk...@chromium.org <mk...@chromium.org>;
> Joshua Bell <jsb...@chromium.org>; christin...@chromium.org <
> christin...@chromium.org>; etiennen...@chromium.org <
> etiennen...@chromium.org>; Sanket Joshi (EDGE) <sa...@microsoft.com>
> *Subject:* Re: [EXTERNAL] Re: [blink-dev] Intent to Ship: Clipboard API:
> Svg
>
>
>
> On Tue, Feb 27, 2024 at 10:40 PM Anupam Snigdha <sni...@microsoft.com>
> wrote:
>
> We're using the same sanitizer that HTML format uses to produce a fragment
> with styles inlined. This is also the same sanitization process used in
> paste operation (ctrl+V).
>
>
> OK, so that's the one specified in
> https://github.com/w3c/clipboard-apis/issues/150?
>
> ------------------------------
> *From:* Yoav Weiss (@Shopify) <yoavwe...@chromium.org>
> *Sent:* Tuesday, February 27, 2024 1:30 PM
> *To:* Anupam Snigdha <sni...@microsoft.com>
> *Subject:* Re: [EXTERNAL] Re: [blink-dev] Intent to Ship: Clipboard API:
> Svg
>
>
>
> On Tue, Feb 27, 2024 at 10:18 PM Anupam Snigdha <sni...@microsoft.com>
> wrote:
>
>  I noticed that the tests here are marked as "tentative". Is the
> sanitizer part of this specified?
>
> Since there is no consensus on the clipboard sanitization, the tests are
> marked as tentative for now. We had discussions
> <https://github.com/w3c/clipboard-apis/issues/150> in the past to
> standardize the sanitization process (in the context of HTML), but were not
> able to get consensus
> <https://github.com/w3c/clipboard-apis/issues/150#issuecomment-974594001>
>
>
> Oh my..
>
> While consensus does seem elusive in this case, do you think it'd be
> possible to specify what we're shipping here, even if we can't standardize
> it right away?
>
> from other browser vendors.
>
>
> With the new Sanitizer API
> <https://wicg.github.io/sanitizer-api/#sanitizer-api>, hopefully we can
> standardize the sanitization process and make it consistent for all formats
> in the clipboard.
>
> ------------------------------
> *From:* Yoav Weiss (@Shopify) <yoavwe...@chromium.org>
> *Sent:* Tuesday, February 27, 2024 1:06 PM
> *To:* Daniel Bratell <bratel...@gmail.com>
> *Cc:* Chris Harrelson <chris...@chromium.org>; Anupam Snigdha <
> sni...@microsoft.com>; Thomas Steiner <to...@google.com>; Evan Stade <
> est...@chromium.org>; Anupam Snigdha <snianu.micros...@gmail.com>; 一丝 <
> yio...@gmail.com>; blink-dev <blink-dev@chromium.org>;
> sligh...@chromium.org <slightly...@chromium.org>; svo...@gmail.com <
> s...@voisen.org>; pwn...@chromium.org <pwn...@chromium.org>; Marijn
> Kruisselbrink <m...@chromium.org>; huang...@chromium.org <
> huangdar...@chromium.org>; mk...@chromium.org <mk...@chromium.org>;
> Joshua Bell <jsb...@chromium.org>; christin...@chromium.org <
> christin...@chromium.org>; etiennen...@chromium.org <
> etiennen...@chromium.org>; Sanket Joshi (EDGE) <sa...@microsoft.com>
> *Subject:* Re: [EXTERNAL] Re: [blink-dev] Intent to Ship: Clipboard API:
> Svg
>
>
> On Fri, Feb 23, 2024 at 7:40 PM Daniel Bratell <bratel...@gmail.com>
> wrote:
>
> LGTM
>
> Not sure if it's LGTM2 or LGTM4 since that depends on if the 2021 LGTMs
> still apply, but this still seems ready to ship.
>
> /Daniel
> On 2024-02-23 19:14, Chris Harrelson wrote:
>
> My LGTM still stands, and have recorded it in the tool.
>
> On Fri, Feb 23, 2024 at 10:01 AM 'Anupam Snigdha' via blink-dev <
> blink-dev@chromium.org> wrote:
>
> Gentle ping.. Received signoffs for all review gates for this feature.
> ------------------------------
> *From:* Anupam Snigdha <sni...@microsoft.com>
> *Sent:* Monday, February 12, 2024 10:37 AM
> *To:* Thomas Steiner <to...@google.com>; Chris Harrelson <
> chris...@chromium.org>
> *Cc:* Evan Stade <est...@chromium.org>; Anupam Snigdha <
> snianu.micros...@gmail.com>; 一丝 <yio...@gmail.com>; blink-dev <
> blink-dev@chromium.org>; sligh...@chromium.org <slightly...@chromium.org>;
> svo...@gmail.com <s...@voisen.org>; pwn...@chromium.org <
> pwn...@chromium.org>; Marijn Kruisselbrink <m...@chromium.org>;
> yoav...@chromium.org <yoavwe...@chromium.org>; huang...@chromium.org <
> huangdar...@chromium.org>; mk...@chromium.org <mk...@chromium.org>;
> Joshua Bell <jsb...@chromium.org>; christin...@chromium.org <
> christin...@chromium.org>; etiennen...@chromium.org <
> etiennen...@chromium.org>; Sanket Joshi (EDGE) <sa...@microsoft.com>
> *Subject:* Re: [EXTERNAL] Re: [blink-dev] Intent to Ship: Clipboard API:
> Svg
>
> I've made some changes
> <https://chromium-review.googlesource.com/c/chromium/src/+/5277574> to
> address the loss of styles and other formatting issues during write. During
> read, if the authors have added `image/svg+xml` to the `unsanitized` list,
> then the SVG image content is returned without any strict processing by the
> browser. By default, read processes the `image/svg+xml` using the strict
> HTML fragment parser that inlines the styles and strips out certain tags
> that may be security sensitive.
>
> I noticed that the tests here are marked as "tentative". Is the sanitizer
> part of this specified?
>
> I have started the privacy/security reviews for this change. Thanks!
>
> -Anupam
> ------------------------------
> *From:* Thomas Steiner <to...@google.com>
> *Sent:* Friday, February 2, 2024 12:45 AM
> *To:* Chris Harrelson <chris...@chromium.org>
> *Cc:* Evan Stade <est...@chromium.org>; Anupam Snigdha <
> snianu.micros...@gmail.com>; 一丝 <yio...@gmail.com>; blink-dev <
> blink-dev@chromium.org>; sligh...@chromium.org <slightly...@chromium.org>;
> svo...@gmail.com <s...@voisen.org>; pwn...@chromium.org <
> pwn...@chromium.org>; Marijn Kruisselbrink <m...@chromium.org>;
> yoav...@chromium.org <yoavwe...@chromium.org>; huang...@chromium.org <
> huangdar...@chromium.org>; mk...@chromium.org <mk...@chromium.org>;
> Joshua Bell <jsb...@chromium.org>; Anupam Snigdha <sni...@microsoft.com>;
> christin...@chromium.org <christin...@chromium.org>;
> etiennen...@chromium.org <etiennen...@chromium.org>
> *Subject:* [EXTERNAL] Re: [blink-dev] Intent to Ship: Clipboard API: Svg
>
> Regarding developer interest, there's definitely some false positives in
> there, but a quick GitHub search
> <https://github.com/search?type=code&q=%22navigator.clipboard.write%22+%22new+ClipboardItem%22+%22image%2Fsvg%2Bxml%22>
>  demonstrates
> that quite a few developers attempt to write `image/svg+xml` onto the
> clipboard. (Including my own app, SVGcode
> <https://github.com/tomayac/SVGcode/blob/702767e6cfc4cb8f65ef7bed3f4f48816876b673/src/js/clipboard.js#L65-L144>
> ).
>
> On Thu, Feb 1, 2024 at 11:45 PM Chris Harrelson <chris...@chromium.org>
> wrote:
>
>
>
> On Thu, Feb 1, 2024 at 2:43 PM Evan Stade <est...@chromium.org> wrote:
>
> My understanding is that SVG support got lost in a personnel shuffle and
> that we would like to ship it in theory. This comment
> <https://bugs.chromium.org/p/chromium/issues/detail?id=1110511#c32> has
> some more context, the takeaways being that:
>
>    - we need to be more sure of the implementation
>    - we need partner confirmation, i.e. addressing "LGTM3 with the caveat
>    that we should only flip this flag to ship if big customers like Sean's
>    team are able to use this successfully to minimally cover their needs."
>
> From my perspective the LGTMs are no longer caveated. I think there is
> enough evidence of demand to just do it.
>
>
> No one has done that outreach as of yet.
>
> -- Evan Stade
>
>
> On Thu, Feb 1, 2024 at 2:35 PM Chris Harrelson <chris...@chromium.org>
> wrote:
>
> Hi,
>
> From my perspective, you still have 3 LGTMs to ship from the API owners.
> However, please fill out the cross-functional reviews for privacy,
> security, etc that have been added to the process since this intent was
> created. If that doesn't seem possible with your existing chromestatus
> entry, let me know or just create a new one and I'll LGTM it after those
> reviews have started.
>
> On Thu, Feb 1, 2024 at 1:38 PM Anupam Snigdha <snianu.micros...@gmail.com>
> wrote:
>
> Thanks Chris!
> cc'ing estade@.
> I think Darwin and Victor are not working on clipboard anymore so this
> feature was stalled.
>
> Recently another bug was opened (
> https://bugs.chromium.org/p/chromium/issues/detail?id=1410321) where
> support for copying/pasting svg images is needed. More discussions:
> https://boxy-svg.com/ideas/268/paste-images-from-the-system-clipboard#comment-2313
> Since this I2S was LGTM'd with the caveat that Adobe is able to use this
> format, and I'm not sure if there is any update on that, is it possible to
> reconsider this I2S if there are other customers like Keynote and Cleanshot
> X interested in this feature?
> cc'ing Josh as well to see if there were any internal discussions with
> Adobe for SVG image support. Thanks!
>
> -Anupam
>
> On Mon, Nov 13, 2023 at 4:50 PM Chris Harrelson <chris...@chromium.org>
> wrote:
>
> Thanks for the interest! I agree it would be good to ship this if possible.
>
> On Tue, Oct 31, 2023 at 1:22 AM 一丝 <yio...@gmail.com> wrote:
>
> Unfortunately, three LGTMs obtained here did not ship. Can anyone
> re-continue this process?
>
> With Keynote 13.1 supporting the SVG format, this API seems to be the only
> way to copy and paste SVGs into Keynote in a browser.
>
>
> Could you test with the experimental-web-platform-features chrome flag
> turned on, and see if it works as intended for copy and paste from Keynote?
>
>
>
> On Friday, August 20, 2021 at 03:15:56 UTC+8 <sligh...@chromium.org> wrote:
>
> LGTM3 with the caveat that we should only flip this flag to ship if big
> customers like Sean's team are able to use this successfully to minimally
> cover their needs.
>
> On Thursday, August 19, 2021 at 11:57:00 AM UTC-7 Chris Harrelson wrote:
>
> LGTM2
>
> On Thu, Aug 19, 2021 at 11:46 AM Mike West <mk...@chromium.org> wrote:
>
> LGTM1.
>
> I think it's important that we address the TAG's concerns about gesture
> requirements and other mechanisms which might reduce the surprise
> associated with some uses of the clipboard API, but I agree with Darwin
> that shipping SVG support doesn't need to block on that conversation. That
> said, I'd encourage y'all to engage more closely with those questions.
> Marijn, you and +Victor Costan are on an internal thread on that topic that
> we should follow up on.
>
> Regarding style, this intent is the most conservative approach to
> sanitization, which has been approved by the security team. Ideally, we
> could find a way to allow style safely via the sanitization API work that's
> underway separately, as Anne suggested on Mozilla's standards position
> thread
> <https://github.com/mozilla/standards-positions/issues/549#issuecomment-884119060>.
> I also note that Apple's response on
> https://lists.webkit.org/pipermail/webkit-dev/2021-August/031940.html seems
> generally positive.
>
> -mike
>
>
> On Fri, Aug 13, 2021 at 11:54 PM Sean Voisen <se...@voisen.org> wrote:
>
> On Thursday, August 12th, 2021 at 12:22 PM, Alex Russell <
> sligh...@chromium.org> wrote:
>
> There's a recurring debate here about the stripping of inline style
> information; Sean, how much worse is it for styles to be stripped in your
> use-cases? If we wait for styles to be re-added (if they can be at all) to
> ship this, how much worse is that?
>
>
> Just so I'm clear, is the debate about stripping style attributes or style
> elements or both?
> We would want at least one of those. Illustrator allows for exporting SVG
> with either, though by default (including when copying to clipboard) it
> uses style elements like so:
>
> <style>.cls-1{fill:url(#radial-gradient);}.</style>
>
> If both were to be sanitized away then the feature would be of more
> limited value for our use cases.
>
> Sean
>
> On Wednesday, August 11, 2021 at 9:23:33 PM UTC-7 Marijn Kruisselbrink
> wrote:
>
> API Owners: any further thoughts on this intent? Are there any
> open/pending questions for us?
>
> On Thu, Jul 15, 2021 at 3:23 PM Sean Voisen <svo...@gmail.com> wrote:
>
> On Wednesday, July 7, 2021 at 1:30:51 AM UTC-7 yoav...@chromium.org wrote:
>
>
> Web developers: Positive
>
>
> Any links?
>
>
> We have interest in using SVG support on the clipboard for web
> applications at Adobe. While this can be achieved to some extent by placing
> SVG content in text/plain, proper SVG support would definitely be
> preferable.
>
> Cheers,
> Sean
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "blink-dev" group.
>
> To unsubscribe from this group and stop receiving emails from it, send an
> email to blink-dev+unsubscr...@chromium.org.
>
>
> To view this discussion on the web visit
> https://groups.google.com/a/chromium.org/d/msgid/blink-dev/ROV74N4YKJX4uMRed9RUNCnyIQZRvzrLTepnhYugKwDseaZMB4Yq8Hhhlno99XIQqDTKpaAYmUdIR3D5oHat9ySM2I9HdmAVsAvfQRdNKBs%3D%40voisen.org
> <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/ROV74N4YKJX4uMRed9RUNCnyIQZRvzrLTepnhYugKwDseaZMB4Yq8Hhhlno99XIQqDTKpaAYmUdIR3D5oHat9ySM2I9HdmAVsAvfQRdNKBs%3D%40voisen.org?utm_medium=email&utm_source=footer>
> .
>
>
>
>
> --
> Thomas Steiner, PhD—Developer Relations Engineer (blog.tomayac.com,
> toot.cafe/@tomayac)
>
> Google Germany GmbH, ABC-Str. 19, 20354 Hamburg, Germany
> Geschäftsführer: Paul Manicle, Liana Sebastian
> Registergericht und -nummer: Hamburg, HRB 86891
>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"blink-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to blink-dev+unsubscr...@chromium.org.
To view this discussion on the web visit 
https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAOmohS%2BifmumSg9WES6UuYmrMdioLt8RK%2BQ15nhB0zV8h%3DG_zA%40mail.gmail.com.
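
The default sanitized read and the opt-in `unsanitized` read of `image/svg+xml` described in the quoted February 12 message, together with the `text/plain` fallback mentioned earlier in the thread, sketched as an added example (not code from this thread or from Chromium). The `readSvg`/`writeSvg` helpers, the `browserSanitized` flag and the injected `env` object are assumptions made for illustration.

```javascript
// Added example; helper names and the injected `env` are illustrative.
const SVG_MIME = 'image/svg+xml';

// Options for clipboard.read(). With no options the browser sanitizes what it
// returns; raw SVG has to be requested per format via the `unsanitized` list.
function readOptions(raw) {
  return raw ? { unsanitized: [SVG_MIME] } : undefined;
}

// Read SVG markup from a Clipboard-like object (navigator.clipboard in a page).
// Resolves to null when no clipboard item carries image/svg+xml.
async function readSvg(clipboard, { raw = false } = {}) {
  const items = await clipboard.read(readOptions(raw));
  for (const item of items) {
    if (!item.types.includes(SVG_MIME)) continue;
    const blob = await item.getType(SVG_MIME);
    // browserSanitized === false marks markup that skipped the browser's
    // processing; the caller must treat it as untrusted input and run its own
    // sanitizer before the markup reaches the DOM.
    return { markup: await blob.text(), browserSanitized: !raw };
  }
  return null;
}

// Write SVG markup, falling back to text/plain where the SVG type is not
// supported. Returns the MIME type actually written.
async function writeSvg(markup, env = globalThis) {
  const { ClipboardItem, Blob } = env;
  const canWriteSvg =
    typeof ClipboardItem.supports === 'function' && ClipboardItem.supports(SVG_MIME);
  const type = canWriteSvg ? SVG_MIME : 'text/plain';
  const item = new ClipboardItem({ [type]: new Blob([markup], { type }) });
  await env.navigator.clipboard.write([item]);
  return type;
}
```

Because the browser's sanitization steps are not specified, callers that inline even the default (sanitized) result should decide for themselves how far to trust it; the flag only records which path the markup took.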
