- From: Robert O'Callahan <robert@ocallahan.org>
- Date: Sat, 8 Jun 2013 23:32:58 +1200
- To: Ian Hickson <ian@hixie.ch>
- Cc: WHATWG <whatwg@whatwg.org>, Rik Cabanier <cabanier@gmail.com>, Boris Zbarsky <bzbarsky@mit.edu>
On Sat, Jun 8, 2013 at 11:08 AM, Ian Hickson <ian@hixie.ch> wrote: > If browsers align on the above text the HTML spec indeed would no longer > need to worry about this, since there'd no longer be any cross-origin > fonts. Has this occurred? > > (Personally I don't really see why we'd limit this to same-origin and > CORS-cross-origin only. It makes loading fonts from other origins a pain.) > It shouldn't be a pain; adding the right CORS headers should be easy. This very thread is one good example of why we should limit font loading to same-origin and CORS-cross-origin; it simplifies font-related APIs because we don't have to worry about information leaks. Rob -- q“qIqfq qyqoquq qlqoqvqeq qtqhqoqsqeq qwqhqoq qlqoqvqeq qyqoquq,q qwqhqaqtq qcqrqeqdqiqtq qiqsq qtqhqaqtq qtqoq qyqoquq?q qEqvqeqnq qsqiqnqnqeqrqsq qlqoqvqeq qtqhqoqsqeq qwqhqoq qlqoqvqeq qtqhqeqmq.q qAqnqdq qiqfq qyqoquq qdqoq qgqoqoqdq qtqoq qtqhqoqsqeq qwqhqoq qaqrqeq qgqoqoqdq qtqoq qyqoquq,q qwqhqaqtq qcqrqeqdqiqtq qiqsq qtqhqaqtq qtqoq qyqoquq?q qEqvqeqnq qsqiqnqnqeqrqsq qdqoq qtqhqaqtq.q"
Received on Saturday, 8 June 2013 11:33:23 UTC