DEV Community

Cover image for Always double-check what you copy from websites

Always double-check what you copy from websites

Ruud Schroën on March 18, 2021

Let's say you are following a guide on the internet and it provides a command for installing a package. sudo apt install package Without a second...
Collapse
 
crimsonmed profile image
Médéric Burlet

Also keep in mind that in recent updated distributions sudo rm -rf / is blocked by the OS

Collapse
 
ruudje profile image
Ruud Schroën

That is good to know!

Collapse
 
calinzbaenen profile image
Calin Baenen

What is the copy event in HTML? oncopy?
And if you can use the copy event to write data, can you use it to read data as well?

Collapse
 
ruudje profile image
Ruud Schroën • Edited

Yes, oncopy is the HTML equivalent.

Reading is only possible within a paste event.

Collapse
 
calinzbaenen profile image
Calin Baenen

Is it possible in a copy event, or no?
If so, do you know why they made the decision to leave out reading from copying events?

Thread Thread
 
ruudje profile image
Ruud Schroën • Edited

According to Mozilla docs, reading is not possible within the copy event. As for why it's disabled, I think the content is written to the clipboard AFTER the event is finished, because in order to change the clipboard data you need to cancel the events default action. So if you could read within the copy event, you would be able to read the old clipboard data, which is a security issue. I don't have any sources that confirm this however.

There is a way for websites to read the clipboard, which involves using the navigator. But if a website tries to do this, you will get a popup asking you for permission.

Collapse
 
ryencode profile image
Ryan Brown

A previous team leader also warned of Unicode supporting editors and a toggle of hidden characters. Somehow being able to mark a sequence of characters as non-printing yet pasted into code, may still be valid code. I never explored it much but it still got me the habit of pasting code from external sources through a reduced character-set (ASCII) for validation.

Collapse
 
calinzbaenen profile image
Calin Baenen

This was really informational, so for that, you get a heart, AND a unicorn.
Thanks for the post.

Collapse
 
tqbit profile image
tq-bit

This post caught me off guard tbh. fortunately never happened, but could've been me indeed.

Also, something worth mentioning during next retrospective:
'My clipboard ate my root folder'

Collapse
 
ruudje profile image
Ruud Schroën

When the "my dog ate my homework" excuse no longer works :D

Collapse
 
humfreez profile image
humfreez

Nice write-up and cool extension. I've made horrific mistakes with pasting into the terminal in the past.