- From: Chris Lilley <chris@w3.org>
- Date: Mon, 26 Apr 2010 12:37:03 +0200
- To: "Anne van Kesteren" <annevk@opera.com>
- CC: public-webfonts-wg@w3.org
On Monday, April 26, 2010, 9:16:25 AM, Anne wrote: AvK> Christopher Slye wrote: >> Is there an argument to be made _against_ requiring SOR? AvK> If by SOR you mean CORS No. SOR means Single Origin Restriction and is being used correctly here by Christopher. AvK> CORS is meant to lift restrictions that unless otherwise in place would be AvK> privacy problems. Privacy is one reason to widen the Single Origin Restriction. There can be other reasons. For example, a licensed user of a font may deploy content on several domains that they own (or rather, one single domain whose domain names would not be considered a single domain in terms of SOR). AvK> Fonts do not need these restrictions. Indeed? A number of font licenses say otherwise and require the licensed user of the font to take 'reasonable precautions' to prevent access to the font from sites other than the one licensed to use it. SAOR is a common means to enable this. AvK> There is no privacy leak when I use AvK> a font from another server on my own. Privacy is not the concern here. AvK> If we are concerned with bandwidth usage we should have something that AvK> also works for <img>, <video>, etc, not just for fonts. Bandwidth is not the concern here either. -- Chris Lilley mailto:chris@w3.org Technical Director, Interaction Domain W3C Graphics Activity Lead Co-Chair, W3C Hypertext CG
Received on Monday, 26 April 2010 10:37:13 UTC