Clipboard

The clipboard is a common, easily-overlooked path for data to leave a controlled environment. The security.clipboard node governs clipboard sharing between the streamed application and the browser — whether it is on, which direction is permitted, and how large a payload may transfer.

Editor Advanced → Security JSON  ·  JSON security.clipboard

Properties

PropertyTypeDefaultValues / rangeNotes
enabled *booleanMaster switch for clipboard sharing. Required. New custom policies default to false.
directionenumserverToClient, clientToServer, bidirectionalData flow direction; only meaningful when enabled is true. When disabled, the effective direction is treated as off.
maxSizeBytesinteger10485761024 – 10485760Maximum clipboard payload, in bytes (1 KB – 10 MB; default 1 MB).

Direction is from the session's perspective: serverToClient permits copying out of the application to the browser, clientToServer permits pasting into the application, and bidirectional allows both.

Sample

"clipboard": {
  "enabled": true,
  "direction": "serverToClient",
  "maxSizeBytes": 524288
}
Warning

For sensitive data, restrict the outbound direction (serverToClient). Copy-out is the path most likely to be used for unwanted data egress.

Note

Clipboard transfers appear in the audit trail with direction and size, giving security teams visibility into data movement. See Audit Events. This node is policy-driven; app.config.xml only seeds an initial default when no policy is present.