I see (in your explainer) that the CSSWG is working on this problem in https://github.com/w3c/csswg-drafts/issues/11753. Even though we have the 'explainers-by-googlers' space available for early projects, it's better to do widely-agreed work in established CGs and WGs. Can you move this explainer into the CSS repository and work on it with the WG, or is there some reason you think that would slow down its progress toward cross-browser consensus?
Thanks, Jeffrey On Wed, Apr 2, 2025 at 2:36 PM Chromestatus <ad...@cr-status.appspotmail.com> wrote: > Contact emails ta...@google.com, riz...@google.com > > Explainer > https://github.com/explainers-by-googlers/limiting-local-fonts-access?tab=readme-ov-file > > Specification None > > Summary > > Limits the fonts websites can use to only the default system fonts > installed by the operating system. The unique set of locally installed > fonts can be used for cross-site user tracking by measuring the > side-effects of font rendering. By restricting user-installed font access, > we aim to improve user privacy. > > > Blink component Blink>Fonts > <https://issues.chromium.org/issues?q=customfield1222907:%22Blink%3EFonts%22> > > Motivation > > Users have unique font collections on their devices, and this uniqueness > can be exploited to track them across the web by analyzing font rendering. > This undermines user privacy by allowing websites to re-identify > individuals. To mitigate this privacy risk, a solution is needed to limit > websites' access to a user's set of locally installed fonts. Recent CSS > working group discussions have also brought up the idea of prescribing user > agents to not expose user-installed fonts on the web as a privacy > protecting measure. These measures mirror Safari’s approach of limiting > local font availability by restricting to fonts that are bundled with the > operating system by default. > > > Initial public proposal > https://github.com/explainers-by-googlers/limiting-local-fonts-access > > TAG review None > > TAG review status Pending > > Risks > > > Interoperability and Compatibility > > None > > > *Gecko*: Shipped/Shipping ( > https://support.mozilla.org/en-US/kb/firefox-protection-against-fingerprinting#:~:text=Enable%20Fingerprinting%20Protection%3A%20To%20control,Known%20fingerprinters%20and%20Suspected%20fingerprinters) > > > *WebKit*: Shipped/Shipping (https://webkit.org/tracking-prevention) > > *Web developers*: No signals > > *Other signals*: > > WebView application risks > > Does this intent deprecate or change behavior of existing APIs, such that > it has potentially high risk for Android WebView-based applications? > > None > > > Debuggability > > None > > > Is this feature fully tested by web-platform-tests > <https://chromium.googlesource.com/chromium/src/+/main/docs/testing/web_platform_tests.md> > ? No > > Flag name on about://flags None > > Finch feature name None > > Non-finch justification None > > Requires code in //chrome? False > > Estimated milestones > DevTrial on desktop 138 > > Link to entry on the Chrome Platform Status > https://chromestatus.com/feature/5185489285677056?gate=5188393555984384 > > This intent message was generated by Chrome Platform Status > <https://chromestatus.com>. > > -- > You received this message because you are subscribed to the Google Groups > "blink-dev" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to blink-dev+unsubscr...@chromium.org. > To view this discussion visit > https://groups.google.com/a/chromium.org/d/msgid/blink-dev/67edade5.170a0220.2d63e1.0a6e.GAE%40google.com > <https://groups.google.com/a/chromium.org/d/msgid/blink-dev/67edade5.170a0220.2d63e1.0a6e.GAE%40google.com?utm_medium=email&utm_source=footer> > . > -- You received this message because you are subscribed to the Google Groups "blink-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+unsubscr...@chromium.org. To view this discussion visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CANh-dXkDT1VZA834q2MRH_7KPVYTitsk3Dk90x1UojNTT-0s_g%40mail.gmail.com.
