- From: Rossen Atanassov <notifications@github.com>
- Date: Mon, 11 Jul 2022 08:44:56 -0700
- To: w3ctag/design-reviews <design-reviews@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Monday, 11 July 2022 15:45:19 UTC
Hi @inexorabletash, @plinss and I had a chance to go over the updates you linked to - thank you for these and reopening. These are the concerns we have after this review pass: The expanded fingerprinting issue commit is good, however there is no mitigation suggestions just some info. For example, "in incognito mode, don't expose the fonts" or something similar is what we would generally expect. It seems you added a choose method, but the mechanism is still of the format "give me all the fonts" and allow user to choose which fonts to expose. What we asked for was - "let the user choose a font and then you get back a font". Exposing all fonts runs into the issue of users just hitting "select all" and move on. Another concern we have is the exposing the `blob` function and access to the font raw data. You stated that users of the API will want to provide data to libraries that expect all the fonts. That is the justification for the `blob` approach. Can you provide examples of such libraries you're talking about? Our assumption was that the goal of such API is to replace those libraries. -- Reply to this email directly or view it on GitHub: https://github.com/w3ctag/design-reviews/issues/400#issuecomment-1180572491 You are receiving this because you are subscribed to this thread. Message ID: <w3ctag/design-reviews/issues/400/1180572491@github.com>
Received on Monday, 11 July 2022 15:45:19 UTC