Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

MSC4197: Copy Paste Hints #4197

Open
wants to merge 3 commits into
base: main
Choose a base branch
from
Open
Changes from 1 commit
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
63 changes: 63 additions & 0 deletions proposals/4197-copy-hints.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,63 @@
# MSC4197: Copy-Paste Hints
anoadragon453 marked this conversation as resolved.
Show resolved Hide resolved
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could possibly be more general, ie. it's just picking out the pertinent information from a message rather than necessarily anything to do with copy/paste.


In Matrix today, it can be used for communication. One thing that is communicated is two-factor auth codes. In other platforms, one convenience is being able to quickly copy-paste two factor auth codes. This is not possible in Matrix today.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please wrap your lines to about 80-120 characters


When sending a message, my message could contain a hint to the user's client that they should copy some particular part of the message. I propose to add a new field to `m.room.message` events that will hint to clients what text they could facilitating the user to copy.

### Proposal

* technical details
* describe the solution (This is the solution. Be assertive.)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think these two lines need to be dropped?


`m.room.message` contains a new field, `copy_hint`, under the existing `content` dictionary. This new field will contain a string representing text that the client could present to the user to copy.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
`m.room.message` contains a new field, `copy_hint`, under the existing `content` dictionary. This new field will contain a string representing text that the client could present to the user to copy.
`m.room.message` contains a new field, `m.copy_hint`, under the existing `content` dictionary. This new field will contain a string representing text that the client could present to the user to copy.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this should probably not be limited to m.room.message. it's effectively an extensible event mix-in to provide an alternative presentation of the message specifically for proposing copy-pasting.


An example is below:


```json5
{
"content": {
"body": "DO NOT SHARE THIS WITH ANYONE!!! Your 2FA code is: 100000",
"m.mentions": {},
"msgtype": "m.text",
"copy_hint": [23, 29]
anoadragon453 marked this conversation as resolved.
Show resolved Hide resolved
},
"origin_server_ts": 1726936182830,
"sender": "@andrewm:element.io",
"type": "m.room.message",
"unsigned": {
"membership": "join",
"age": 54359693,
"transaction_id": "m1726936182657.27"
},
"event_id": "$4WvO6_skvEIibdffnDKdTkFHtOKUZaPFLm8HJuXcz7E",
"room_id": "!jWkHTegEyVsdPJkjHA:element.io"
}
```

### Potential Issues

None considered!

### Alternatives
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

might want to mention we're deliberately only letting you hint that a single thing is copyable, given you can only put one thing on a pasteboard.


1. `hints` dictionary.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Rather than coming up with a new taxonomy for hints, it's better to use extensible events... i.e. you'd do an m.other_hint_type if you don't want an m.copy_hint. Although it might be nice for them to have the same shape?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you explain what "hints dictionary" is?

2. Leave things as is (please don't!)
3. boolean `copy_hint` field (hint to client to copy the whole message)
4. give up (similar to 2.)
5. Use indexes in the message
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What do you mean by "indexes"?

* Harder to implement
* Use bandwidth
6. If the event is encrypted, leave the 2FA code out of the encryption
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A nice refinement could be delete-after copying semantics, but that should be an extra MSC - probably extending the existing MSC2228 self-destructing messages MSC


Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Another possibility would be to add a tag to a <span> element, say something like `Your 2FA code is 123456" which would allow the client to place a "Copy" button next to the text that is to be copied.

### Security Considerations

TODO.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Security concern: What if the text in content.body does not match the text in content.copy_hint, and the user then unknowingly has malicious content in their clipboard that does not match their expectation?

While alternative 5 adds more complexity to client developers, it reduces the attack surface to only be able to fill the clipboard with things that also are in the content.body text. However, the sender could still try to use rich text formatting to send invisible text that is then copied to the clipboard.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There's a risk this could ease phishing attacks where people are encouraged to copy-paste official looking data into their javascript consoles...

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

To justify this concern, here's some well-known implementations of this attack:

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

massive spam risk here; need to explicitly advise client implementors to not allow 2FA spam to create an explosion of dialogs or similar


### Unstable prefix

What is this.

### Dependencies

I do not build on any giant's shoulders.