Re: [csswg-drafts] [css-conditional-4] Specific font families? (#2139) from Chris Lilley via GitHub on 2021-12-03 (public-css-archive@w3.org from December 2021)

From: Chris Lilley via GitHub <sysbot+gh@w3.org>
Date: Fri, 03 Dec 2021 18:25:32 +0000
To: public-css-archive@w3.org
Message-ID: <issue_comment.created-985735366-1638555930-sysbot+gh@w3.org>

This is related to https://github.com/w3c/csswg-drafts/issues/4497

See also the [Privacy section in CSS Fonts 4](https://drafts.csswg.org/css-fonts-4/#sp201):

> An attacker may obtain fingerprinting information by querying the Installed Fonts. In contrast to older technologies (notably Adobe Flash, which provided a complete list of Installed Fonts and sent this information in HTTP headers) such probing must be done one font at a time, providing the font family name and then checking (either via script, or by using unicode-range to selectively download webfonts depending on whether the user has a font by a certain name that supports a certain character) whether the font was loaded. This takes time, and checking for more than a few hundred fonts introduces a noticeable delay in page rendering.


-- 
GitHub Notification of comment by svgeesus
Please view or discuss this issue at https://github.com/w3c/csswg-drafts/issues/2139#issuecomment-985735366 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Friday, 3 December 2021 18:25:34 UTC