| There was no link in the mailing list post or any of its replies.
As of right now, there is no link in a HN comment. I tried hard but could not find a relevant bug on Bugzilla, but that could be because security-related issues are typically kept under wraps until the details are safe to be publically revealed. At least that was the case for the one I submitted a few years ago; as the submitter, I can see it when I'm logged in, but it doesn't show up on anonymous searches. If Mozilla's stance on this really is as described in the mailing list, I would very much like to add a dissenting opinion. This is clearly a security issue that needs addressing. If the clipboard buffer needs special protection, so does the primary selection buffer. Whether most people like or dislike copy/pasting this way is irrelevant. Some people use it. The other browsers on X11 are properly protected. Even Edge on Linux gets it right. Firefox is the odd one out here and they should fix it. Especially these days, where install instructions on web pages often look like this: curl -o- https://example.com/trust/me/install.sh | sudo bash
EDIT: As per the author's GitHub issues, the bug report is indeed still hidden:https://bugzilla.mozilla.org/show_bug.cgi?id=1855345 https://github.com/turistu/odds-n-ends/issues/1#issuecomment... |