Clipboard copy from browser considered harmful

looking up a tutorial or reference in your browser, copying some shell command to clipboard, and blindly trusting it by pasting it to your terminal window; a pretty common occurence today.

modifying it so that what gets copied to the clipboard does not correspond with what is visually represented on the screen is a simple task thanks to the ::before and content css modifiers.

currently been tested on ;

• ☑ WebKit ≤537.36
• ☐ Gecko ≤20100101

consider the following code

<style>
span {
    font-family: monospace;
    position: absolute;
    color: white;
    cursor: text;
}
span::selection {
    background: #accef7;
    color: #accef7;
}
span::before {
    content: "clip";
    position: absolute;
    color: black;
}
</style>
<span>fuck</span>

with a live test below

if you're using a «vulnerable» browser, copying the text above saying clip, should copy fuck to your clipboard.

safe pasting

a neat way to handle safe pasting would be to run the command fc -e 'vim -c %d' before every paste.

fc is a tool ^{(usually a shell builtin)} to place a previous ^{(usually the last)} ran command into a temporary file, edit it with $FCEDIT, and then execute the contents of the modified file via the shell.

by passing vim -c %d as the -e flag of fc, we're telling vim to %d ^{(delete all lines)} on startup.

this way we'll have a clean file to which we can paste our clipboard contents.

alias prepaste='builtin fc -e "vim -c %d -c \"set paste\""'