-
-
Notifications
You must be signed in to change notification settings - Fork 1.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Windows 10 October 2018 update breaks clipboard clearing feature #2358
Comments
I did a little (tiny) bit of research and found a UWP API to control what gets stored in history. I do not know if there is a Win32 API for this?? |
could this work? i have no idea about the windows api :/ https://docs.microsoft.com/en-us/windows/desktop/api/Winuser/nf-winuser-emptyclipboard |
Not likely because the new clipboard history is a totally separate application from the actual "clipboard". That function clears the clipboard proper, what we really want is to signal that "this particular item" in the clipboard should NOT be stored in the history. |
I'm not too sure about how to use native APIs in conjunction with QT/ If someone can give me pointers on how to get started using platform specific APIs with QT clipboard, I can have a go at implementing this. As far as I can tell, it should just be a question of setting the relevant "no history" option when saving text to clipboard in |
This really needs to be implemented in Qt. Once you hand off the contents you want in the clipboard to Qt, you have very little control besides mime data. |
Small hack that kinda works - Win+V to open clipboard, Del to delete the clipboard entry (or Tab until the focus is on the clear all button, then space or enter). KeePass could do this after the time period passes. |
@chandradeepdey Doesn't seem like a good way to go - deleting first item won't always work, because someone may copy new data between pasting the password and the clearing timeout. And clearing all isn't a good solution either, as users will complain about their unrelated clipboard history being lost. I think it might just be best to request/wait for Qt to support some way of accessing this API in |
Has somebody checked if QT is aware of this?? Because I guess we would like that fast. But first we might have to write something about this limitation. That might include option to turn this windows feature off for now? |
For me ctrl-c/ctrl-b does not even put anything in clipboard if 'clear clipboard' is turned on. If I turn it off it works to copy the data. But it never gets cleared. |
Just to add, I am running KeePassXC 2.4.0 with Qt 5.12.1 and libgcrypt 1.8.4. |
I have not checked Qt. |
After searching for other software having problem with this and not finding anything I wonder if this is a problem. Next would be to write a small example. QT does OleSetClipboard(0) to clear the clipiboard. But for me I am not sure this is the problem. For me maybe it is a timer problem. :( |
@jpyllman For me the legacy clipboard is unaffected, this issue only affects the modern clipboard. Have you tried setting the timer for "clear clipboard" higher? Also, the issue is quite opposite of that in #2862 in that the clipboard stores data and doesn't clear them (because it isn't being told to clear) instead of not storing them in the first place. |
Yes, I realize that too. My problem should probably be in a separate issue. I am just not sure what is causing this. I have been looking through KeePassXC code to see something. And there is nothing. Only little question is why do different with clipboard() and QApplication::clipboard(). |
Sorry about my rumblings. My problems was about "lock on minimize" and "minimize on copy". So "these are not the bugs you are looking for". Thanks. Just some crazy thought different timing on "lock database after inactivity", maybe have different on still open and minimized. |
There is a solution for the problem. The classic KeePass have an option to exclude copied passwords from the clipboard history. So the password would be only in the classic clipboard which can be cleared automatically as before. It would be nice to add that feature to KeePassXC too and activate it as the default for Windows 10 users. |
#2358 (comment) @droidmonkey could this help? |
Possibly, haven't had the time to look into this issue. Sometimes the .NET/UWP API is more capable than the C API. This is more likely the case for recent Windows additions such as the shared clipboard. |
This is a big security issue. Are you working on it? I'm still using classic keepass to avoid this situation. |
Shared clipboards are a security issue no matter how you cut it. Just disable that feature. |
I don't fully agree. You may want to track some blocks of text, pictures, filepaths, etc. But you will never want to see your password there. Keepassxc needs to implement the "exclude copied passwords from the clipboard history" as classic keepass does. |
So here's the problem. We use QClipboard to allow for easy and seamless use of the clipboard across platforms. Qt has not implemented an interface with the new Windows clipboard. In order to fix this security issue we will have to totally reimplement the clipboard interface using WinRT function calls similar to what this example project uses: https://github.com/microsoft/Windows-universal-samples/blob/master/Samples/Clipboard/cppwinrt/CopyText.cpp I do not think this is possible for a Mingw-based application like ours. This is the same reason why interfacing with Windows Hello is looking to be impossible. Instead of simply using mime-based means to declare clipboard items as no-history/no-roam (like Klipper uses), Microsoft embedded it into an API. |
Thank you very much for your explanation @droidmonkey . Will help to understand why this is not being addressed :) |
Maybe this can be helpful (Win32 "API" for excluding from inclusion in clipboard history and cloud clipboard): Related Stack Overflow post: https://stackoverflow.com/questions/53190273/bypass-clipboard-history-in-the-windows-10-october-2018-update Edit: almost forgot! Thank you all so much for your work on this project! I enjoy the simple and clean UX and hope to migrate my customers to it. |
Awesome will try that out |
Microsoft introduced a new clipboard in the October 2018 update for Windows 10. Enabling said clipboard breaks KeePassXC's ability to clear the clipboard after copying something.
Expected Behavior
Clipboard should be cleared after the period specified in settings.
Current Behavior
Clipboard is never cleared. This is independent of whether cloud synchronisation of the clipboard is turned on or not.
Steps to Reproduce (for bugs)
Debug Info
KeePassXC - Version 2.3.4
Revision: 6fe821c
Libraries:
Operating system: Windows 10 (10.0)
CPU architecture: x86_64
Kernel: winnt 10.0.17763
Enabled extensions:
The text was updated successfully, but these errors were encountered: