- From: Sylvain Galineau <sylvaing@microsoft.com>
- Date: Tue, 29 Mar 2011 01:09:15 +0000
- To: Bert Bos <bert@w3.org>, "www-font@w3.org" <www-font@w3.org>
[Bert Bos:] > > c) Clarify how a) contradicts b) > > WOFF section 1 says that a font file downloaded from, e.g., > http://example.com/font can be used, while exactly the same file > downloaded from ftp://example.org/font cannot be used (or vice versa, as > the case may be). The two resources may be byte for byte the same, it is > only the URL that makes a difference. But AWWW says that UAs "SHOULD NOT" > infer properties of resources from their URLs. It doesn't say that. This section does not say that the font's URL alone is sufficient to decide whether a font can be used or not. Although I agree one needs careful reading, what it is saying is that when the font's origin (not its URL) does not match that of the document referencing it, then the server must explicitly *allow* this reference. A different origin is in and of itself *not* enough to assert whether or not the font *can* be used. If such a pattern does contradict AWWW then XHR, CORS and many other specs are potentially also defining such a violation....
Received on Tuesday, 29 March 2011 01:09:49 UTC