Re: [css3-webfonts] Downloaded fonts should not...

Brad Kemper wrote:
>  Well, of course a font will be downloaded if it is ever to be used.
>  You have to think about the order of things.
>
>  1. Site A has a font that you've never come across before,
>  "font_a.ttf". At this point, it's name doesn't match anything on your
>  computer, so the UA downloads it. 2. The UA compares the header
>  information to actual font/file information of the already downloaded
>  font and sees that it matches. 3. Site B has a font of the same
>  name. Your UA downloads the header information. It appears to be the
>  same font, so it doesn't bother downloading it again. If Site B is
>  lying in their header, its not going to do them any good, because
>  their font is not being downloaded at that point.
>
>  or
>
>  1. Site A has a font that you've never come across before,
>  "font_a.ttf". At this point, it's name doesn't match anything on your
>  computer, so the UA downloads it. 2. The UA compares the header
>  information to actual font/file information of the already downloaded
>  font and sees that it DOES NOT match. 3. Site B has a font of the
>  same name. Your UA no longer cares about whether the name matches
>  site A's "font_a.ttf", because that one had incorrect header
>  information. So it downloads site B's font and uses it wherever site
>  B tells it to on site B.

The scenario that I had conceived of had Site A hosting the malicious 
file which would render your solution unworkable if the headers could be 
duplicated for two files that don’t actually match.

Maybe your suggestion would work though if the headers contained 
something like an MD5 number that was verified. The problem is, where 
would these headers go? Would this need a new font format? Could they be 
applied to existing formats?

Brad Kemper wrote:
>  *Speed:* Also, I would very much like to use @font-face, but if the
>  page fails to render for a couple minutes while a font downloads over
>  a dial-up connection... well, that's just not an option either
>  (which is why I was curious as to if WebKit does any kind of
>  progressive rendering).

I can’t say for sure, but based on Safari 3.1 (525.13) for Windows and a 
view of the document at 
<http://www.fonts.info/info/press/font-face-embedding-demo.htm>, it 
seems to be that WebKit downloads the fonts before rendering text that 
uses said fonts. I’m on dial‐up here and I note a noticeable delay while 
the document is loading; it’s completely white, then the smaller text 
shows up after a delay in downloading resource 4 of 5 (I didn’t verify 
which file this was), then the large text shows up.

Brad Kemper wrote:
>  However, if a downloaded font could attain permanence in the UA
>  without being able to mess up other sites in ways they didn't expect,
>  then that would be a huge improvement. How is that not worthy of
>  consideration?

I don’t believe that I said that it wasn’t worthy of consideration. 
There just needs to be a good proposal to address issues like security.

Brad Kemper wrote:
>  That seems like a pretty significant gain. You say you don't want to
>  accept the risks, but you are unwilling to even explore ideas for
>  removing those risks?

No.

Received on Thursday, 17 April 2008 08:28:55 UTC