-
Summary: Password manager tools like Keepassx offer an option to clear the clipboard/selection after some time, e.g. 10 seconds, after the password was copied to the clipboard. This works fine, but unfortunately the password isn't removed from Klipper's history. This is a great security risk, which may make the use of password managers impossible. This patch changes Klipper::applyClipChanges(const QMimeData* clipData) where clipboard data is inserted into history. If the data has an additional mime type 'x-kde-passwordManagerHint' with the data 'secret', it is not inserted into history. For this to work as designed, password managers should add the additional mime type 'x-kde-passwordManagerHint' to the mimeData like following when copying a password to the clipboard: ``` QMimeData* mimeDataClipboard = new QMimeData(); const QString secretStr = "secret"; QByteArray secretBa = secretStr.toUtf8(); mimeDataClipboard->setText(password); // this is the password to copy mimeDataClipboard->setData("x-kde-passwordManagerHint", secretBa); clipboard->setMimeData(mimeDataClipboard, QClipboard::Clipboard); if (clipboard->supportsSelection()) { // we cannot use the same QMimeData, it's already owned by clipboard QMimeData* mimeDataSelection = new QMimeData(); mimeDataSelection->setText(password); // this is the password to copy mimeDataSelection->setData("x-kde-passwordManagerHint", secretBa); clipboard->setMimeData(mimeDataSelection, QClipboard::Selection); } ``` Reviewers: davidedmundson Reviewed By: davidedmundson Subscribers: dvratil, broulik, graesslin, davidedmundson, plasma-devel Tags: #plasma Differential Revision: https://phabricator.kde.org/D12539
6f972176