- From: Anne van Kesteren <annevk@opera.com>
- Date: Sat, 20 Jun 2009 12:29:36 +0200
- To: "Brad Kemper" <brad.kemper@gmail.com>, "John Daggett" <jdaggett@mozilla.com>
- Cc: www-style@w3.org
On Fri, 19 Jun 2009 18:16:14 +0200, Brad Kemper <brad.kemper@gmail.com> wrote: > Doesn't CORS have to deal with all that anyway? At some point, in order > to make CORS versions of root strings work (as per the current working > draft[2]), someone has to enter a list of "source origin strings" > somewhere for each resource you want to restrict, and then the server > needs to look at that list in order to know how to set the HTTP headers. > I'm just suggesting that the server could look at the list in the font > itself in order to automatically set the list that CORS uses for that > font. I'm not sure we should have cross-origin restrictions on font loading though. Mozilla implemented this, but it seems really inconsistent with similar APIs, e.g. <img> and <script>, or, to stick with CSS, 'list-style-image' and friends. > 2. > http://www.w3.org/TR/access-control/#access-control-allow-origin-response-hea -- Anne van Kesteren http://annevankesteren.nl/
Received on Saturday, 20 June 2009 10:30:20 UTC