Font Enumeration API #399

Closed
3 of 5 tasks
chasephillips opened this issue Aug 7, 2019 · 15 comments
Labels

  • Missing: venue
  • Progress: pending external feedback (The TAG is waiting on response to comments/questions asked by the TAG during the review)
  • Provenance: Fugu
  • Review type: CG early review (An early review of general direction from a Community Group)
  • Topic: fonts (Related to fonts on the web, including web fonts and system fonts)
  • Topic: native platform integration (Features that enable web sites to integrate better with native platforms)
  • Topic: permissions
  • Topic: powerful APIs (APIs that reach into your life.)
  • Topic: privacy

chasephillips commented Aug 7, 2019

Hello TAG!

I'm requesting a TAG review of:

Further details:

We recommend the explainer to be in Markdown. On top of the usual information expected in the explainer, it is strongly recommended to add:

  • Links to major pieces of multi-stakeholder review or discussion of this specification:
  • Links to major unresolved issues or opposition with this specification:

We'd prefer the TAG provide feedback as (please select one):

  • open issues in our GitHub repo for each point of feedback
  • open a single issue in our GitHub repo for the entire review
  • leave review feedback as a comment in this issue and @-notify [github usernames]

Please preview the issue and check that the links work before submitting. In particular, if anything links to a URL which requires authentication (e.g. Google document), please make sure anyone with the link can access the document.

¹ For background, see our explanation of how to write a good explainer.

@hober hober added Missing: venue Progress: unreviewed Review type: CG early review An early review of general direction from a Community Group Topic: fonts Related to fonts on the web, including web fonts and system fonts and removed Progress: untriaged labels Aug 9, 2019
@plinss plinss added this to the 2019-09-04-telecon milestone Aug 21, 2019
Member

dbaron commented Sep 12, 2019

@ylafon and I are looking at this during a breakout at the Tokyo TAG face-to-face meeting.

One issue that doesn't appear to be addressed in the Security and Privacy questionnaire response is the question of fingerprinting. Having an API for font enumeration seems like it makes font-based active fingerprinting substantially easier and faster. That's something that needs to be traded off against the use cases for the feature -- use cases that aren't especially clear in the explainer.

It would probably be helpful if the explainer gave some compelling examples of user-facing features that would be enabled by this web feature. This would also help understand the question of whether there are other less-powerful APIs that could address the same use cases, for example, APIs designed for finding similar fonts.

It's also worth noting that past studies of font-based fingerprinting had reported entropy that included order data from plugins. One of the major plugins (I don't remember if it was Java or Flash) had a font enumeration API that returned the fonts in a system-specific sort order that I think was a function of the time the font was installed on the system. This provided a large amount of additional entropy that was totally unnecessary for the feature. At the very least it seems important for the spec to prescribe a sort order for the enumeration to avoid a repeat of this problem.

I've still been hoping to find the time to take a somewhat closer look at this, but haven't managed to do that yet.

@dbaron dbaron mentioned this issue Sep 12, 2019
5 tasks
Member

dbaron commented Sep 12, 2019

Also, @ylafon points out that the explainer in #400 seems to provide a rather bad example of the use of this API -- it enumerates all of the fonts on the system just to find "Consolas" -- it seems like that would be much better addressed by an API that lets you ask for "Consolas".

Contributor

hober commented Oct 15, 2019

Labeling as a Fugu-related request since it appears in Fugu's full list of capabilities.

Contributor

hober commented Dec 3, 2019

@plinss and I took another look at this in our Cupertino F2F. We share @dbaron’s & @ylafon’s desire for a “less-powerful APIs that could address [some of] the same use cases”—in particular, a picker-style API could allow sites to receive access to specific fonts that they need (like Consolas in the previous example) without exposing the list of installed fonts.

@plinss remembers a TPAC conversation from Fukuoka, perhaps in the Houdini TF, where a picker-style API got significant support.

@hober hober added Progress: pending external feedback The TAG is waiting on response to comments/questions asked by the TAG during the review Topic: native platform integration Features that enable web sites to integrate better with native platforms Topic: permissions Topic: powerful APIs APIs that reach into your life. Topic: privacy and removed Progress: unreviewed labels Dec 3, 2019
@alice alice removed this from the 2019-09-10-f2f-tokyo milestone Jan 27, 2020
@atanassov

@plinss and I had another look at this topic and its relevance to Font Table Access API.

There has been no progress that we observed, and given how tightly coupled the two API proposals are, our proposal is to close the issue.

@inexorabletash

re: lack of progress - we deferred work for a while, but are planning to revisit in the very near future.

re: two proposals - we are planning to re-merge the proposals; at one point we thought splitting them made sense to unblock some discussion. Closing one of these out is fine.

@plinss plinss added Progress: pending external feedback The TAG is waiting on response to comments/questions asked by the TAG during the review and removed Progress: in progress labels Nov 16, 2020

oyiptong commented Dec 4, 2020

Hi folks, apologies about the delays.

Here's a quick summary:

  • The enumeration API now provides an object, FontMetadata, that is not related to Web Fonts
  • Font table data aren't accessible individually anymore
  • There's a method to obtain byte-wise font data, i.e. blob()
  • Use cases are now more elaborately fleshed out

Contributor

hober commented Jan 26, 2021

I wrote in December 2019:

> @plinss and I[...] share @dbaron’s & @ylafon’s desire for a "less-powerful APIs that could address [some of] the same use cases"—in particular, a picker-style API could allow sites to receive access to specific fonts that they need (like Consolas in the previous example) without exposing the list of installed fonts.
>
> @plinss remembers a TPAC conversation from Fukuoka, perhaps in the Houdini TF, where a picker-style API got significant support.

We still believe that a picker-style API solves the most pressing user needs while having far preferable characteristics re: privacy, which we've documented in our Web Platform Design Principles document (specifically in 8.2. Use care when exposing APIs for selecting or enumerating devices).

Note that such an approach would also address WICG/local-font-access#36 and WICG/local-font-access#62.

From this comment it looks like you're considering a picker-style API alternative. We look forward to learning more about it.

@oyiptong

Indeed, we've been making progress with the API and have been prototyping a chooser behind a flag.
We're planning to launch another Origin Trial soon, with a modified API shape.

I'll be amending the explainer and spec copy soon.

Contributor

hober commented May 12, 2021

> Indeed, we've been making progress with the API and have been prototyping a chooser behind a flag.
> We're planning to launch another Origin Trial soon, with a modified API shape.
>
> I'll be amending the explainer and spec copy soon.

Any updates for us?

Contributor

hober commented Sep 13, 2021

@plinss and I took another look at this today in our F2F and it seems we're still waiting on updates from @oyiptong. We're going to close this; please let us know when you're ready for us to take another look and we'll reopen it.

@hober hober closed this as completed Sep 13, 2021
@inexorabletash

@hober @torgo and anyone else - I commented over in #400 (sorry about the two issues!) but we're ready for another look. Pinging here hoping for attention too.

mjfroman pushed a commit to mjfroman/moz-libwebrtc-third-party that referenced this issue Oct 14, 2022
This change ensures fonts are sorted before being cached. This change is
due to a concern about fingerprinting:
w3ctag/design-reviews#399 (comment)

This change ensures that fonts are sorted in lexicographical order.

Bug: 1043306
Change-Id: Ia3acf2a45cb473124df4e489683bdc7bac15dde4
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2427040
Commit-Queue: Olivier Yiptong <[email protected]>
Reviewed-by: Joshua Bell <[email protected]>
Cr-Commit-Position: refs/heads/master@{#810519}
GitOrigin-RevId: 404b7cc426e259c11276d673630c9f094628259f
mjfroman pushed a commit to mjfroman/moz-libwebrtc-third-party that referenced this issue Oct 14, 2022
This reverts commit 404b7cc426e259c11276d673630c9f094628259f.

Reason for revert: Breaks tests on Win 7 Builder: https://ci.chromium.org/p/chromium/builders/ci/Win7%20Tests%20%281%29/108048

Original change's description:
> FontAccess: Sort fonts in lexicographical order
>
> This change ensures fonts are sorted before being cached. This change is
> due to a concern about fingerprinting:
> w3ctag/design-reviews#399 (comment)
>
> This change ensures that fonts are sorted in lexicographical order.
>
> Bug: 1043306
> Change-Id: Ia3acf2a45cb473124df4e489683bdc7bac15dde4
> Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2427040
> Commit-Queue: Olivier Yiptong <[email protected]>
> Reviewed-by: Joshua Bell <[email protected]>
> Cr-Commit-Position: refs/heads/master@{#810519}

[email protected],[email protected]

Change-Id: I75926b99ebb7e663875e0eae3d89d877f623a6ae
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: 1043306
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2431025
Reviewed-by: Jan Wilken Dörrie <[email protected]>
Commit-Queue: Jan Wilken Dörrie <[email protected]>
Cr-Commit-Position: refs/heads/master@{#810547}
GitOrigin-RevId: 1117bd9f0c2c79301ea57956b1cba8bd34d8dc1e
mjfroman pushed a commit to mjfroman/moz-libwebrtc-third-party that referenced this issue Oct 14, 2022
This is a reland of 404b7cc426e259c11276d673630c9f094628259f

The original CL failed some tests because the code assumes that
platform-specific APIs called returned unique data. This was a false
assumption.

This reland follows another CL: https://crrev.com/c/2438875, which
ensures that fonts are not duplicated.

Original change's description:
> FontAccess: Sort fonts in lexicographical order
>
> This change ensures fonts are sorted before being cached. This change is
> due to a concern about fingerprinting:
> w3ctag/design-reviews#399 (comment)
>
> This change ensures that fonts are sorted in lexicographical order.
>
> Bug: 1043306
> Change-Id: Ia3acf2a45cb473124df4e489683bdc7bac15dde4
> Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2427040
> Commit-Queue: Olivier Yiptong <[email protected]>
> Reviewed-by: Joshua Bell <[email protected]>
> Cr-Commit-Position: refs/heads/master@{#810519}

Bug: 1043306
Change-Id: Ic3d70744661a838d82349c017a1cb0e8c23a3654
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2432815
Commit-Queue: Olivier Yiptong <[email protected]>
Reviewed-by: Joshua Bell <[email protected]>
Cr-Commit-Position: refs/heads/master@{#812965}
GitOrigin-RevId: 20b437f14f2d7abc556a00e1486aa95b15fc77e6
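
An added illustration, not part of the thread and not Chromium's FontAccess code, of the two points above: an unspecified enumeration order leaks more than the set of installed fonts, and de-duplicating before sorting makes the result depend on the set alone. The font lists, the function names and the equally-likely-orderings assumption behind the entropy bound are constructed for this example.

```javascript
// Added illustration; all names here are hypothetical.

// Constructed sample data: two machines with the same installed fonts, as a
// platform API might report them (install order, one duplicate entry).
const machineA = ["Verdana", "Arial", "Consolas", "Arial", "Georgia"];
const machineB = ["Georgia", "Consolas", "Verdana", "Arial"];

// Code-unit comparison. Deliberately not localeCompare(): a locale-dependent
// collation would make the order vary with the user's locale again.
function compareCodeUnits(a, b) {
  return a < b ? -1 : a > b ? 1 : 0;
}

// Deduplicate first, then sort, so the output is a function of the set only.
function canonicalFontList(platformNames) {
  return [...new Set(platformNames)].sort(compareCodeUnits);
}

// Upper bound on the bits an unspecified order can add for n distinct fonts:
// log2(n!), reached only if every ordering is equally likely (assumption).
function maxOrderEntropyBits(n) {
  let bits = 0;
  for (let k = 2; k <= n; k++) bits += Math.log2(k);
  return bits;
}

// What a script reading the enumeration would observe, as one string.
function observed(list) {
  return list.join("\n");
}

// True when the two lists can be told apart without canonicalisation.
function rawOrderDistinguishes(a, b) {
  return observed(a) !== observed(b);
}

// True when the two lists can still be told apart after canonicalisation.
function canonicalOrderDistinguishes(a, b) {
  return observed(canonicalFontList(a)) !== observed(canonicalFontList(b));
}

console.log("raw order distinguishes:", rawOrderDistinguishes(machineA, machineB));
console.log("canonical order distinguishes:", canonicalOrderDistinguishes(machineA, machineB));
console.log("order-only bound, 200 fonts:", Math.round(maxOrderEntropyBits(200)), "bits");
```
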