»Practical Demonstration
This is a practical demonstration to explain the severity of clipboard text retrieval security threat found in Internet Explorer. The article explaining this security threat can be found here .
» In Action
To start with enter your email address and press the tab button on your keyboard.
» What is actually happening?
As soon as you enter an email address, a remote scripting (AJAX) call is made to the server with the email address and the clipboard text. In the server PHP is used to send the clipboard text to the email address provided.
Note that the call to the server is made with out the user submitting the form by using AJAX technology (XMLHttpRequest object in particular)
Imagine what might happen if you stored your credit card number or any other sensitive information in the clipboard. The text can be retrieved and send to any server with out the user even knowing about it. What if this code is executed in a popup when you are filling up your bank's login form? The possibilities are endless. So be better prepared
You can go back to the article or find out how to prevent this from happening.
»Notes
1) Use an active email address so that you can find out what you are actually exposing. Your email address is used just for demonstration purpose alone. Your email address is not used for another purpose or be sold to any other third party. If it still doesn't convince you then better don't use it.
2) For security reasons your ip address is also collected and will be displayed in the email sent to you. So only enter the email address for which you have access and not any one else address.
