Yes, we are working on some ideas to address known security issues of CSS3 Web Fonts. The engineer in Tokyo is now checking some implementation to see how effective the idea is and consider how to improve it to become safer. Takuya
On Sun, Jul 5, 2009 at 1:57 AM, Ian Fette <i...@chromium.org> wrote: > There are a few people looking at doing this safely (including part of the > team in Tokyo). There are ideas on how to do this in a reasonably safe > manner and they are being explored. The security review is not "in progress" > - previous status was "Bad", there was work done to come up with ways to > address said concerns, and now work is being done to try to implement those > ideas - security review will happen again once those ideas are implemented. > -Ian > > 2009/7/4 Peter Kasting <pkast...@google.com> > > On Fri, Jul 3, 2009 at 9:34 PM, Darin Fisher <da...@chromium.org> wrote: >> >>> http://code.google.com/p/chromium/issues/detail?id=9633 >>> >> >> I see. Is the security review for these in progress? Seems like I saw >> some concerns about embeddable fonts... are those fixable? I would be sad >> to see these off-by-default for an indefinite time. >> >> PK >> >> >> > > > > --~--~---------~--~----~------------~-------~--~----~ Chromium Developers mailing list: chromium-dev@googlegroups.com View archives, change email options, or unsubscribe: http://groups.google.com/group/chromium-dev -~----------~----~----~----~------~----~------~--~---
