Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

MSC4197: Copy Paste Hints #4197

Open
wants to merge 3 commits into
base: main
Choose a base branch
from
Open

MSC4197: Copy Paste Hints #4197

Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
bb7a8d5
MSC4197: Copy Paste Hints!!!
anoadragon453 Sep 22, 2024
e2f6046
Fix the example
anoadragon453 Sep 22, 2024
303b7d7
Add an unstable prefix
anoadragon453 Sep 22, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
65 changes: 65 additions & 0 deletions proposals/4197-copy-hints.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,65 @@
# MSC4197: Copy-Paste Hints
anoadragon453 marked this conversation as resolved.
Show resolved Hide resolved
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could possibly be more general, ie. it's just picking out the pertinent information from a message rather than necessarily anything to do with copy/paste.


In Matrix today, it can be used for communication. One thing that is communicated is two-factor auth codes. In other platforms, one convenience is being able to quickly copy-paste two factor auth codes. This is not possible in Matrix today.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please wrap your lines to about 80-120 characters


When sending a message, my message could contain a hint to the user's client that they should copy some particular part of the message. I propose to add a new field to `m.room.message` events that will hint to clients what text they could facilitating the user to copy.

### Proposal

* technical details
* describe the solution (This is the solution. Be assertive.)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think these two lines need to be dropped?


`m.room.message` contains a new field, `copy_hint`, under the existing `content` dictionary. This new field will contain a string representing text that the client could present to the user to copy.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
`m.room.message` contains a new field, `copy_hint`, under the existing `content` dictionary. This new field will contain a string representing text that the client could present to the user to copy.
`m.room.message` contains a new field, `m.copy_hint`, under the existing `content` dictionary. This new field will contain a string representing text that the client could present to the user to copy.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this should probably not be limited to m.room.message. it's effectively an extensible event mix-in to provide an alternative presentation of the message specifically for proposing copy-pasting.


An example is below:


```json5
{
"content": {
"body": "DO NOT SHARE THIS WITH ANYONE!!! Your 2FA code is: 100000",
"m.mentions": {},
"msgtype": "m.text",
"copy_hint": "100000"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

please namespace the field, just as m.mentions is... - so m.copy_hint once merged

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
"copy_hint": "100000"
"m.copy_hint": "100000"

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

How would I be able to add multiple copy hints? Do I post extra empty messages per hint? Can I set the text to display on the copy button? Thinking for example, a moderation bot might want to provide a way to copy a list of MXIDs, it would be nice to able to say "Copy table", "Copy User IDs", ...

Additionally, i wonder if this might be better implemented using a custom HTML tag/property, eg. <p>Your 2FA code is <span data-mx-copy="100000">100000</span></p>, with ommission of a value copying the innerText.

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I agree HTML would be a more elegant solution. Additionally it would make it much easier for humans to send messages with copyable parts.

},
"origin_server_ts": 1726936182830,
"sender": "@andrewm:element.io",
"type": "m.room.message",
"unsigned": {
"membership": "join",
"age": 54359693,
"transaction_id": "m1726936182657.27"
},
"event_id": "$4WvO6_skvEIibdffnDKdTkFHtOKUZaPFLm8HJuXcz7E",
"room_id": "!jWkHTegEyVsdPJkjHA:element.io"
}
```

Clients MAY automatically copy the contents of `copy_hint` to the clipboard without asking the user. This is an implementation detail.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
Clients MAY automatically copy the contents of `copy_hint` to the clipboard without asking the user. This is an implementation detail.
Clients MAY automatically copy the contents of `m.copy_hint` to the clipboard without asking the user. This is an implementation detail.

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please don't do this. Beyond the security ramifications of a client copying what it wants to my clipboard, is the fact it means a program can overwrite whatever is in there and I may not notice that it happened. I might have been copying a huge chunk of something important and irreplaceable and now it's gone because someone else triggered a 2FA that is registered to my account

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I agree. I don't want my client putting stuff in the clipboard without me telling it to.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks like there are plenty of problems pointed out with this but nobody suggesting solutions, but it feels like all the issues are readily solvable by just changing this to suggest something like searching for that text in the message and decorating it with a little copy button.


### Potential Issues

None considered!

### Alternatives
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

might want to mention we're deliberately only letting you hint that a single thing is copyable, given you can only put one thing on a pasteboard.


1. `hints` dictionary.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Rather than coming up with a new taxonomy for hints, it's better to use extensible events... i.e. you'd do an m.other_hint_type if you don't want an m.copy_hint. Although it might be nice for them to have the same shape?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you explain what "hints dictionary" is?

2. Leave things as is (please don't!)
3. boolean `copy_hint` field (hint to client to copy the whole message)
4. give up (similar to 2.)
5. Use indexes in the message
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What do you mean by "indexes"?

* Harder to implement
* Use bandwidth
6. If the event is encrypted, leave the 2FA code out of the encryption
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A nice refinement could be delete-after copying semantics, but that should be an extra MSC - probably extending the existing MSC2228 self-destructing messages MSC


Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Another possibility would be to add a tag to a <span> element, say something like `Your 2FA code is 123456" which would allow the client to place a "Copy" button next to the text that is to be copied.

### Security Considerations

TODO.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Security concern: What if the text in content.body does not match the text in content.copy_hint, and the user then unknowingly has malicious content in their clipboard that does not match their expectation?

While alternative 5 adds more complexity to client developers, it reduces the attack surface to only be able to fill the clipboard with things that also are in the content.body text. However, the sender could still try to use rich text formatting to send invisible text that is then copied to the clipboard.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There's a risk this could ease phishing attacks where people are encouraged to copy-paste official looking data into their javascript consoles...

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

To justify this concern, here's some well-known implementations of this attack:

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

massive spam risk here; need to explicitly advise client implementors to not allow 2FA spam to create an explosion of dialogs or similar


### Unstable prefix

While this MSC is unstable, all instances of the field name `copy_hint` must be replaced with `org.matrix.msc4197.copy_hint`.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
While this MSC is unstable, all instances of the field name `copy_hint` must be replaced with `org.matrix.msc4197.copy_hint`.
While this MSC is unstable, all instances of the field name `m.copy_hint` must be replaced with `org.matrix.msc4197.copy_hint`.


### Dependencies

I do not build on any giant's shoulders.