-2

There are a few questions that address already how to store custom objects into the clipboard. This requires marking classes as [Serializable] and then using binary serialization to retrieve them from the clipboard. An example is here.

However, Microsoft issues the following warning about binary serialization:

"Binary serialization can be dangerous. Never deserialize data from an untrusted source and never round-trip serialized data to systems not under your control." (here).

I tried to use the clipboard with [DataContract] instead of [Serializable] to avoid binary serialization, and this doesn't seem to be working, and classes that aren't marked as [Serializable] are retrieved as 'null'.

Thus, summing up:

  • Is it safe to use binary serialization in the specific scenario of the clipboard? I cannot assume that I trust the information in the clipboard -- the user may have copied it from anywhere.
  • Alternatively, is it possible to avoid binary serialization to store and retrieve custom objects from the clipboard?

Edit: using "GetText" to store everything in text removes the ability to paste text only in text recipients (e.g. Notepad) versus pasting in other containers that are able to process the additional information.

cat_in_hat
  • 635
  • 9
  • 15

1 Answers1

2

There is no need for you to take the data from the clipboard and rely on binary serialization/deserializtion. You can take the data from the clipboard as string which is basically the type that contains the information that you need and how it is represented on the clipboard, then you can process it as you want.

Just use the GetText method and then use the data as you want.

string clipboardText = Clipboard.GetText(TextDataFormat.Text);

Then if there is really a type that you want to deserialize the data into, then you could use newtonsoft.json nuget package to deserialize the data.

var myObject = Json.DeserializeObject<MyType>(clipboardText);

Then you can work with your custom object. Just make sure to include the deserialization in a try catch block in order to treat the case when the data is not in the proper format.

If there is no need for you to stick to binary serialization, then I would not suggest you to go for it, especially because it is harder to follow and maintain if bugs occur.

meJustAndrew
  • 6,011
  • 8
  • 50
  • 76
  • 1
    The only issue I see with this approach is that sometimes you need different representations of the same object in the clipboard. For example, if you copy to the clipboard a Cell in Excel, then the GetText() returns the current value of the Cell, while pasting on a different spreadsheet brings the underlying formula instead of the value, and pasting on a rich text editor brings the value with formatting, and so on. Forcing everything to text loses that functionality. – cat_in_hat Sep 28 '18 at 23:55
  • @FoundWaldoException completely agree, but since he wants to just deserialize some data into his custom objects, I doubt that he will process other kind of data with this approach, but you have a very good point. – meJustAndrew Sep 29 '18 at 08:19