From e4e40153ccad3a529ff853e5fdb982643d9ca350 Mon Sep 17 00:00:00 2001
From: Snowz <98007575+SnowzNZ@users.noreply.github.com>
Date: Mon, 4 Sep 2023 09:14:38 +1200
Subject: [PATCH 1/3] add #247

---
 src/application/collections/windows.yaml | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/src/application/collections/windows.yaml b/src/application/collections/windows.yaml
index d2514107..0172a64d 100644
--- a/src/application/collections/windows.yaml
+++ b/src/application/collections/windows.yaml
@@ -2882,6 +2882,23 @@ actions:
                     reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WCN\Registrars" /v "DisableUPnPRegistrar" /t REG_DWORD /d 1 /f
                     reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WCN\Registrars" /v "DisableWPDRegistrar" /t REG_DWORD /d 1 /f
                     reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\WCN\Registrars" /v "EnableRegistrars" /t REG_DWORD /d 1 /f
+            -
+                name: Disable clipboard history
+                recommend: standard
+                docs:
+                    - https://github.com/undergroundwires/privacy.sexy/issues/247
+                    - https://ghostvolt.com/blog/Is-the-Windows-Clipboard-Function-History-or-Sync-Secure.html
+                call:
+                    function: DisablePerUserService
+                    parameters:
+                        # Check (system-wide):  (Get-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\cbdhsvc").Start
+                        # Check (per-user):     (Get-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\cbdhsvc_*").Start
+                        serviceName: cbdhsvc
+                        defaultStartupMode: Manual
+                code: |-
+                    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\System" /v "AllowClipboardHistory" /t REG_DWORD /d 0 /f
+                revertCode: -|
+                    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\System" /v "AllowClipboardHistory" /t REG_DWORD /d 1 /f
             -
                 category: Increase cryptography on ISS
                 children:

From 1d818ddd46f0099ea8eea36718d4627d7e5ce892 Mon Sep 17 00:00:00 2001
From: Snowz <98007575+SnowzNZ@users.noreply.github.com>
Date: Tue, 5 Sep 2023 11:14:37 +1200
Subject: [PATCH 2/3] requested changes

---
 src/application/collections/windows.yaml | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/src/application/collections/windows.yaml b/src/application/collections/windows.yaml
index 0172a64d..1216e9f9 100644
--- a/src/application/collections/windows.yaml
+++ b/src/application/collections/windows.yaml
@@ -2894,11 +2894,11 @@ actions:
                         # Check (system-wide):  (Get-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\cbdhsvc").Start
                         # Check (per-user):     (Get-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\cbdhsvc_*").Start
                         serviceName: cbdhsvc
-                        defaultStartupMode: Manual
-                code: |-
-                    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\System" /v "AllowClipboardHistory" /t REG_DWORD /d 0 /f
-                revertCode: -|
-                    reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\System" /v "AllowClipboardHistory" /t REG_DWORD /d 1 /f
+                        defaultStartupMode: Automatic
+                    function: RunInlineCode
+                    parameters:
+                        code: reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\System" /v "AllowClipboardHistory" /t REG_DWORD /d 0 /f
+                        revertCode: reg delete "HKLM\SOFTWARE\Policies\Microsoft\Windows\System" /v "AllowClipboardHistory" /f
             -
                 category: Increase cryptography on ISS
                 children:

From d48e0751f0bee9218e2a552707c2f4faa6a6d8cb Mon Sep 17 00:00:00 2001
From: Snowz <98007575+SnowzNZ@users.noreply.github.com>
Date: Tue, 5 Sep 2023 11:21:31 +1200
Subject: [PATCH 3/3] fix syntax

---
 src/application/collections/windows.yaml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/application/collections/windows.yaml b/src/application/collections/windows.yaml
index 1216e9f9..2a73a8df 100644
--- a/src/application/collections/windows.yaml
+++ b/src/application/collections/windows.yaml
@@ -2889,12 +2889,14 @@ actions:
                     - https://github.com/undergroundwires/privacy.sexy/issues/247
                     - https://ghostvolt.com/blog/Is-the-Windows-Clipboard-Function-History-or-Sync-Secure.html
                 call:
+                -
                     function: DisablePerUserService
                     parameters:
                         # Check (system-wide):  (Get-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\cbdhsvc").Start
                         # Check (per-user):     (Get-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\cbdhsvc_*").Start
                         serviceName: cbdhsvc
                         defaultStartupMode: Automatic
+                -
                     function: RunInlineCode
                     parameters:
                         code: reg add "HKLM\SOFTWARE\Policies\Microsoft\Windows\System" /v "AllowClipboardHistory" /t REG_DWORD /d 0 /f