Re: Firefox 44 (and Chrome in future) may reject some web fonts that were previously accepted

Could we fix the OTS checks and have consistency and happiness once again?

On Tue, Jan 5, 2016 at 4:36 AM, Behdad Esfahbod <behdad@google.com> wrote:

> On Tue, Jan 5, 2016 at 10:10 AM, Jonathan Kew <jfkthame@gmail.com> wrote:
>
>> On 4/1/16 22:54, Roderick Sheeter wrote:
>>
>>> Just a quick heads up, Firefox 44, coming Jan 26 2016
>>> (https://developer.mozilla.org/en-US/Firefox/Releases/44) updates OTS to
>>> reject fonts if it rejected any of { GDEF, GSUB, GPOS }. Chrome will
>>> pick this up at some point as well.
>>>
>>>
>> I'm not sure this will affect Chrome, actually; my understanding is that
>> Blink now lets GDEF/GSUB/GPOS tables bypass OTS validation, on the grounds
>> that harfbuzz does its own sanitization before using them and therefore
>> should be safe from malformed/malicious tables.
>>
>> (See https://codereview.chromium.org/1306343006/)
>>
>> It's possible we'll do something like that in Gecko at some point, though
>> in principle I'd prefer to see pressure brought to bear on
>> designers/authors to get incorrectly-built fonts fixed.
>
>
> I fully agree with the latter statement.  Though, the reason we dropped
> OTS check was that they were too limiting, rejecting perfectly legitimate
> tables.
>
>>
>> JK
>>
>>
>> Previously OTS would drop the table(s) but accept the font so it would
>>> work as a web font, albeit potentially with odd behavior due to the
>>> missing tables.
>>>
>>> This change causes some fonts that were previously accepted to be
>>> rejected by the browser. If so, those fonts will require updates to
>>> continue to work as web fonts.
>>>
>>> See https://github.com/khaledhosny/ots/issues/74 for additional context
>>> around the OTS change.
>>>
>>> Rod S
>>>
>>
>>
>>
>