Support
Support
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Permission to read clipboard or dom.events.testing.asyncClipboard per domain (manual whitelist or popup)

hsandt
Making moves
‎03-05-2026 03:28 PM
Status: New idea

My issue

Since my upgrade to Firefox 150.0, in Google Sheet, using Ctrl+Shift+V to Paste Values only, or using the menu Edit > Paste / Paste Special will make a popup with "Paste" appear, but it is greyed out and will ungrey after a delay of 1 second, making it very inconvenient. Basically anything other than native Paste with Ctrl+V.

Greyed out Paste popupGreyed out Paste popup

I see other reports about Google Sheet, but users experience the same issue with Google doc, GitHub, Figma, excalidraw) is safe.

In both the GitHub and Figma pages, gregstoll mentions that we can enable dom.events.testing.asyncClipboard (default to false) to allow clipboard access outside native Paste Ctrl+V, but that it's risky as other websites may read the clipboard.

The cost of UX for security is too important, considering it protects me from other malicious tabs I'm not using that would try to read my clipboard (possibly even write to it but I'm unsure about this one, I see a feature request from 2024 that mentions malicious website writing clipboard but maybe that part has been fixed already), while I know that the specific domain I'm using is safe.

My suggestion

I'd like to be able to whitelist domains where I'm confident I can use Ctrl+Shift+V or other forms of paste safely. MenguecheTrolazo asked about this on the Figma page and gregstoll said there was no such feature.

One natural way to do this would be to add a permission popup similar to the Copy to Clipboard Permissions request, except it would be a permission to read clipboard content (I assume giving granular control over read/write is safer).

A possible issue with this approach is the website spamming clipboard access requests as in this thread, however I think this would only occur when actively doing Ctrl+Shift+V or similar, and user could decide "not to ask again" if they really want to keep using the slow popup with "Paste". (but if a malicious website triggered the call, user will find it suspicious and will be able to reject the request and report the website)

Another way would be to add a manual whitelist by copying website domains. I mostly need this for Google Sheet, so I wouldn't mind.

Comment
3 Comments
Status changed to: New idea
Jon
Community Manager
Community Manager
‎04-05-2026 12:44 AM
‎04-05-2026 12:44 AM

Thanks for submitting an idea to the Mozilla Connect community! Your idea is now open to votes (aka kudos) and comments.

lulujuice
New member
‎04-05-2026 01:26 PM
‎04-05-2026 01:26 PM

I'm glad I'm not the only one with this issue.

Vexillari
Strollin' around
‎06-05-2026 12:19 AM
‎06-05-2026 12:19 AM

Yes, I'd really like a whitelist or something similar.
Working in Google Sheets has become simply unpleasant and inconvenient with this feature. I have to sit and wait extra time every time I copy something from pandas, something I've never had to do before.

Copyright © 2026 Khoros, LLC