W3C home > Mailing lists > Public > www-style@w3.org > June 2009

Re: New work on fonts at W3C

From: Robert O'Callahan <robert@ocallahan.org>
Date: Sun, 21 Jun 2009 00:15:07 +1200
Message-ID: <11e306600906200515ob200b13m5d79cff095c986e6@mail.gmail.com>
To: Anne van Kesteren <annevk@opera.com>
Cc: Brad Kemper <brad.kemper@gmail.com>, John Daggett <jdaggett@mozilla.com>, www-style@w3.org
On Sat, Jun 20, 2009 at 11:55 PM, Anne van Kesteren <annevk@opera.com>wrote:

> On Sat, 20 Jun 2009 13:26:19 +0200, Robert O'Callahan <
> robert@ocallahan.org> wrote:
>> On Sat, Jun 20, 2009 at 10:29 PM, Anne van Kesteren <annevk@opera.com
>> >wrote:
>>> I'm not sure we should have cross-origin restrictions on font loading
>>> though. Mozilla implemented this, but it seems really inconsistent with
>>> similar APIs, e.g. <img> and <script>
>> If we could have cross-origin restrictions on <img> and <script> without
>> breaking the Web, we would.
> My point is that since we do not have cross-origin restrictions for all
> those various other ways to load resources cross-origin (<link>, <script>,
> <img>, <video>, <audio>, <form>, <svg:image>, 'content', 'background-image',
> 'list-style-image', 'cursor', and probably more) it does not make sense to
> impose such a restriction here.

I don't think it's valuable to be consistent with a model that is
fundamentally insecure and deprives authors of control over who uses their

"He was pierced for our transgressions, he was crushed for our iniquities;
the punishment that brought us peace was upon him, and by his wounds we are
healed. We all, like sheep, have gone astray, each of us has turned to his
own way; and the LORD has laid on him the iniquity of us all." [Isaiah
Received on Saturday, 20 June 2009 12:15:43 UTC

This archive was generated by hypermail 2.3.1 : Monday, 2 May 2016 14:38:27 UTC