EOT-Lite File Format v.1.1

Here's version 1.1.  Based on Sylvain's suggestion I limited the conforming version number to 0x00020000 and added a description of the same-origin check.

Embedded OpenType Lite (EOT-Lite) File Format

Below is a description of the EOT-Lite font wrapper.  It is intended
as a platform-independent wrapper around OpenType font data.  It is
designed to be compatible with versions of Microsoft Internet Explorer
that support the EOT format, referred to here as EOT-Classic [2]. To
generate a font compatible with EOT-Classic, refer to that

All header values are little-endian.  Type names are based on those
used in the OpenType specification [1].

(*) Values marked with an asterisk are considered part of EOT-Classic
    and do not affect load behavior or usage outside of legacy EOT

  ULONG      EOTSize       Total structure length in bytes (including string and font data)
  ULONG      FontDataSize  Length of the OpenType font (FontData) in bytes
  ULONG      Version       Version number
  ULONG      Flags         Processing flags
* USHORT     Padding1[9]   Not used in EOT-Lite, see EOT-Classic [2]
  USHORT     MagicNumber   Magic number for EOT file - 0x504C
* ULONG      Padding2[7]   Not used in EOT-Lite, see EOT-Classic [2]
  ULONG      Reserved[4]   Reserved for future use - 0 for this version
* USHORT     Padding3      Not used in EOT-Lite, see EOT-Classic [2]
* BYTE       Padding4[n]   Variable size, not used in EOT-Lite, see EOT-Classic [2]
  BYTE       FontData[FontDataSize]

The Version field contains the version number.  The only valid version number
currently is 0x00020000.

The Flags field contains a set of bit flags.  Only the values below
are recognized in EOT-Lite; all other values are ignored:

  TTEMBED_TTCOMPRESSED               0x00000004
  TTEMBED_XORENCRYPTDATA             0x10000000

The process of activating an EOT-Lite font consists of (1) same-origin
check (2) EOT-Lite header validation and (3) font validation and

Same-origin check:

Before an EOT-Lite font is downloaded either of the conditions below
must be true:

1. The font originates from the same origin as the containing document
2. The site serving the font relaxes the restriction above using an
   Access-Control-Allow-Origin HTTP response header as described in the
   Cross-Origin Resource Sharing specification [3].

EOT-Lite header validation:

After an EOT-Lite font has been downloaded, the header is validated:

1. Check that MagicNumber is 0x504C.
2. Check that the version number is 0x00020000.
3. Check that Flag bits TTEMBED_TTCOMPRESSED and TTEMBED_XORENCRYPTDATA are not set.

If any of these checks fail, the font is not loaded.  Except for the
font data itself, no other field in the EOT-Lite header has any effect
on either load or rendering behavior.

The font is activated by loading the data at offset (EOTSize -
FontDataSize) of length (FontDataSize) as a normal OpenType font.  The
steps required to validate OpenType font data are intentionally not
described here since those are more the domain of the OpenType
specification [1] and validation steps may change as new security
threats emerge.

[1] OpenType specification - http://www.microsoft.com/typography/otspec/

[2] EOT-Classic - http://www.w3.org/Submission/EOT/
    Note: the version described as version 0x00010000 is actually
    version 0x00020000, the version used in EOT-Lite fonts.

[3] CORS specification - http://www.w3.org/TR/access-control/

Received on Friday, 31 July 2009 08:04:36 UTC
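
The header validation steps and the font-data offset rule described above, as an added Python example that is not part of the original post. Assumptions: the 82-byte fixed-header length is computed from the field table, the EOTSize/FontDataSize bounds checks are extra defensive checks the text does not list, and all function names and the sample builder are hypothetical.

```python
import struct

FIXED_HEADER_LEN = 82  # bytes before the variable-length Padding4, summed from the field table
MAGIC = 0x504C
VERSION = 0x00020000
TTEMBED_TTCOMPRESSED = 0x00000004
TTEMBED_XORENCRYPTDATA = 0x10000000

class EOTLiteError(ValueError):
    """Raised when a wrapper must not be loaded."""

def extract_font_data(blob: bytes) -> bytes:
    """Validate an EOT-Lite header and return the wrapped OpenType bytes."""
    if len(blob) < FIXED_HEADER_LEN:
        raise EOTLiteError("truncated header")
    eot_size, font_size, version, flags = struct.unpack_from("<4L", blob, 0)
    (magic,) = struct.unpack_from("<H", blob, 34)  # 4 ULONGs + Padding1[9]
    # The three checks listed in the text; unrecognized Flags bits are ignored.
    if magic != MAGIC:
        raise EOTLiteError("bad MagicNumber")
    if version != VERSION:
        raise EOTLiteError("unsupported Version")
    if flags & (TTEMBED_TTCOMPRESSED | TTEMBED_XORENCRYPTDATA):
        raise EOTLiteError("compressed or XOR-encrypted data not allowed")
    # Assumed extra checks (not in the text): the sizes must describe this
    # buffer, and the font data must not overlap the fixed header fields.
    if eot_size != len(blob):
        raise EOTLiteError("EOTSize does not match data length")
    if font_size == 0 or font_size > eot_size - FIXED_HEADER_LEN:
        raise EOTLiteError("FontDataSize out of range")
    offset = eot_size - font_size
    return blob[offset:offset + font_size]

def build_sample(font, flags=0, version=VERSION, magic=MAGIC, pad4=b"\0" * 6):
    """Build a constructed wrapper (all padding zeroed) for exercising the parser."""
    total = FIXED_HEADER_LEN + len(pad4) + len(font)
    head = struct.pack("<4L", total, len(font), version, flags)
    head += b"\0" * 18 + struct.pack("<H", magic) + b"\0" * (28 + 16 + 2)
    return head + pad4 + font
```

The bytes returned here are still untrusted input: OpenType validation is a separate step, as the text notes.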