(In reply to David F. from comment #6)
I second the approach to disregard invisible content during copy operations.
This doesn't work, see bug 504748 comment 4. It's also not really required for this new content to be invisible, it's just neater from the site's perspective, but if they created it (visible) right before copying and removed it right after, users probably wouldn't notice and certainly wouldn't be able to do anything about it.
Obviously there's already an algorithm in Firefox that determines if an element is eligible for user interaction (i. e. pointer clicks) based on visibility; otherwise click-jacking attacks would still be a wide spread issue.
click-jacking attacks still are an issue, and e.g.
opacity: 0 elements are invisible and will still take clicks. It'd also be possible to hide content into an
overflow:hidden container, or use a foreground colour that blends in with the background colour, or...
(In reply to sven+bugzilla from comment #9)
I like the idea to at least ask for permission before letting a website's content manipulate the clipboard. You could have the option to remember that choice, so rich apps that legitimately do this can still do their job.
These websites aren't manipulating the clipboard so permissions wouldn't help. This website happens to use the
copy clipboard event, but it doesn't actually need those events to do what it does, as I explained in comment #1 and comment #4 .
Lastly: Is there a way to prevent/defer DOM manipulation on elements in the current selection?
Not without breaking loads of websites (e.g. in text editors, selecting text and then clicking a button to make it into a link / change formatting). Plus it wouldn't make any sense to the user - any content they select becomes impossible for the web page to change? So site functionality would just "randomly" stop working?
If we prompted for permission for manipulating this selection, users would just become frustrated - they "just" want to copy/paste text (or format it or whatever), and being asked for permission is a bigger interruption to their workflow than just removing the text these websites are adding. Plus we'd also have to stop the website changing the selection (rather than changing what is inside it), which would likely also break helpful functionality.
I don't know how much clearer I can say this but: it is not possible to comprehensively fix this without breaking loads of the public web, because of how the DOM and HTML/CSS work.
I'm going to restrict comments because at this point comments are just a repetition of suggestions that have already been made elsewhere and responded to.