- From: Levantovsky, Vladimir <Vladimir.Levantovsky@MonotypeImaging.com>
- Date: Thu, 25 Jun 2009 13:02:51 -0400
- To: "Aryeh Gregor" <Simetrical+w3c@gmail.com>
- Cc: <robert@ocallahan.org>, "Brad Kemper" <brad.kemper@gmail.com>, "Jonathan Kew" <jonathan@jfkew.plus.com>, <www-style@w3.org>
> -----Original Message----- > From: simetrical@gmail.com [mailto:simetrical@gmail.com] On Behalf Of > Aryeh Gregor > Sent: Thursday, June 25, 2009 12:56 PM > To: Levantovsky, Vladimir > Cc: robert@ocallahan.org; Brad Kemper; Jonathan Kew; www-style@w3.org > Subject: Re: New work on fonts at W3C > > On Thu, Jun 25, 2009 at 12:43 PM, Levantovsky, > Vladimir<Vladimir.Levantovsky@monotypeimaging.com> wrote: > > There are other ways to block font linking from other sites that do > not > > require root strings or CORS > > (http://openfontlibrary.org/wiki/Blocking_drive-by_access). > > Referer-based methods are unreliable, and can block users of your own > site as well as letting through users of other sites. Some software > will strip referer headers, or even change them. (For instance, IIRC, > no browser sends Referer headers from an HTTPS site to an HTTP site.) > Depending on referer checking isn't a good idea. Thank you. I am not a web developer so I would trust the experts on this. My point was that font vendors have so far proven to be reasonable people willing to cooperate, which is contrary to Rob's presumption that we would insist on a particular way of doing things (i.e. root strings). Cheers, Vladimir
Received on Thursday, 25 June 2009 17:03:24 UTC