I hate whoever that was

lodemike@lemmy.today

1. User pastes something into site
2. data still pasted as normal
3. JScript event clears clipboard and tells user this.

Literally just as secure and better behavior. Just use your brain for a few seconds.

lodemike@lemmy.today

No. The problem is browsers enforcing it.

hessenjunge@discuss.tchncs.de

On Firefox it is some setting under about:config, no need for an extension.

rippleeffect@lemm.ee

Which makes taking notes while the video is playing basically impossible

__init__@programming.dev

Nice, didn’t know about that one. I imagine there are side effects to disabling it globally though? Those goofy OTP code inputs implemented as six single digit inputs jumps to mind, they probably rely on the paste event. The extension works similarly but lets you only enable it for problematic sites.

maccentric@sh.itjust.works

I just found it recently when DFWP failed to allow me to paste on a site (which happens quite often in my experience).
I had the same thoughts about this setting but so far I haven’t noticed anything.

frosty@pawb.social

dom.event.clipboardevents.enabled

brygphilomena@lemmy.world

I have an auto hotkey script that I always have running. It just takes my clipboard and sends the key presses to type it in when I press Ctrl + shift + v.

It gets me around most of this sort of bullshit.

big_fat_fluffy@leminal.space

On a similar note, by mobile lemmy client won't let me copy test. Can't even select it.

rimjob_rainer@discuss.tchncs.de

using chrome in the first place

laurelraven@lemmy.zip

Let's be real, though, it's not the dev we should be mad at but some suit who thinks they know security demanding it be done that way

chaoticneutralczech@feddit.org

Which one?

adtj@feddit.uk

if you don't want to or can't use extensions, just right click > inspect, then right click the element highlighted in the HTML and click "use in console" or "store in global variable" depending on browser

it'll put something like

temp0 into the console

just change that line to

temp0.value = "yourpassword"
```  and press enter

it sounds verbose to explain but it's just a couple of clicks and one command, if you're using a password manager it's still a lot easier than typing out a random string and it should work with most text boxes and inputs, might not work if the page is doing something fancy.

laserjet@lemmy.dbzer0.com

My impression from when I've encountered this is that it is an attempt to repel bots.

Speculating/knowing about the reason doesn't help when I'm confronted with having to input the password *6mA*P7CCuVyHo8kh%x34!63wm23&uhzSMY3Xy3$*8^%7j$VeH^7

victorz@lemmy.world

Also curious.

a7thstone@lemmy.world

If you are using Voyager you can hold down on the comment or hit the three dot button and you'll get a menu that gives you a "select text" option. I was annoyed by that until I found it.

jasondj@lemmy.zip

Weird, that's one character off from my Paramount+ password. I know from typing it on every fucking STB and console that I own and painstakingly quadruple-checking each character when it fails.

You'd think I'd just change to a passphrase but nah. Ain't nobody got time for that. Too busy ranting about user unfriendly problems that shouldn't exist in modern STB apps.

jasondj@lemmy.zip

Yep. It's always when I'm adding a payment method to like a credit card or something.

The ones that are web-based and block password vault auto fill...on desktop...those really grind my gears.

Also, is it me, or is android really bad about detecting when something is a username/password field and the vault auto fill should be suggested

jasondj@lemmy.zip

using characters that need to be escaped in your plugins name

anticorp@lemmy.world

It's pretty bad. I get the pop-up for a lot of incorrect fields.