rugk
rugk
Ah okay, of course the fallback is trivial: Just catch the error and go on… The issue is, that we of course cannot tighten the CSP unless we can remove...
I don’t see an immediate attack vector and if I would well… it would be a vulnerability. The thing about CSP is always defense-in-depth, so arguing like this brings us...
Waait… @DemiMarie are you sure about your inital statement? Because that test page fails in Chromium and it uses `instantiateStreaming`: https://s3.amazonaws.com/webassembly-chrome-csp/csp_test.html That is actually also already linked in https://github.com/WebAssembly/content-security-policy/issues/7. So...
Okay given the initial approach does not wwork for the given reasons, I see news on the Chrome/ium side though. Apparently you can now use `wasm-eval` instead of `unsafe-inline`… ref...
already got a reply that it does not work, and even if it would likely be too recent now (and Safari is a thing not even considered/tested yet): https://github.com/w3c/webappsec-csp/pull/293#issuecomment-1014726154 So...
BTW we could also just use this JS https://github.com/zenorocha/clipboard.js/, which makes it very easy to use the clipboard API. I think this feature is a nice one and we really...
As for the lib: Okay, if it is really so easy we do not need to use it. It's something new, because it is more convenient to click on a...
> odd for the german speaking Swiss who have [Ctrl] instead of [Strg]. Really? Did not knew this. Interesting fact, but I don't get how this is related to this...
BTW in contrast to what the issue title indicates I am not for removing the selection thing. Of course the URL can still be selected, so users can easily press...
Yeah, the new [Clipboard API](https://developer.mozilla.org/en-US/docs/Web/API/Clipboard_API) also looks great, so we could fallback to that `execCommand('copy')` way for older browsers, as proposed in the Stackoverflow issue.