- From: Aryeh Gregor <Simetrical+w3c@gmail.com>
- Date: Thu, 25 Jun 2009 12:55:32 -0400
- To: "Levantovsky, Vladimir" <Vladimir.Levantovsky@monotypeimaging.com>
- Cc: robert@ocallahan.org, Brad Kemper <brad.kemper@gmail.com>, Jonathan Kew <jonathan@jfkew.plus.com>, www-style@w3.org
On Thu, Jun 25, 2009 at 12:43 PM, Levantovsky, Vladimir<Vladimir.Levantovsky@monotypeimaging.com> wrote: > There are other ways to block font linking from other sites that do not > require root strings or CORS > (http://openfontlibrary.org/wiki/Blocking_drive-by_access). Referer-based methods are unreliable, and can block users of your own site as well as letting through users of other sites. Some software will strip referer headers, or even change them. (For instance, IIRC, no browser sends Referer headers from an HTTPS site to an HTTP site.) Depending on referer checking isn't a good idea.
Received on Thursday, 25 June 2009 16:56:15 UTC