|
|
|
|
|
|
by dbaron
4646 days ago
|
|
|
So we (Mozilla) are following the spec, which says what it does as the result of discussion/negotiation over a period of at least 4 years (roughly 2007-2011) involving browser makers and font foundries, both in terms of what browsers were willing to implement (not wanting something DRM-like to protect fonts) but what would lead to more font foundries being willing to license commercial fonts for use on the Web. So following the spec here isn't about blindly honoring some piece of paper; it's about honoring the result of a negotiation process that we participated in. WebKit unilaterally ignored this agreement, though it sounds like Blink may well change to honoring it. Many (but not all) of us believe that same-origin by default is also the right thing for security, that it should be the default for new types of resource linking on the Web, and that not having same origin restrictions for things like images was a pretty serious mistake that we're still paying the security costs of (for example, with canvas image tainting). |
|
|