- From: Sylvain Galineau <sylvaing@microsoft.com>
- Date: Tue, 4 May 2010 13:42:40 +0000
- To: Anne van Kesteren <annevk@opera.com>, Robert O'Callahan <robert@ocallahan.org>
- CC: John Hudson <tiro@tiro.com>, Tab Atkins Jr. <jackalmage@gmail.com>, "www-font@w3.org" <www-font@w3.org>
> The WOFF implementation that landed in Chromium does not use CORS by > the > way. Taking the opportunity to point out that it also apparently cripples the font to mitigate security risks and breaks several font features in the process (complex scripts, kerning, ligatures). Adding Tab so we can get more info on this design, including on the exact security issues that led to this design decision. This is also an area worth investigating for this WG from a conformance standpoint.
Received on Tuesday, 4 May 2010 13:44:09 UTC