[css-fonts-4] Add explanatory text about tradeoffs on blocking local fonts, particularly wrt i18n considerations #5625
Conversation
…fonts, particularly wrt i18n considerations Closes w3c#5421.
|
Would you have a problem tweaking this by adding something like:
|
I would have a problem with this. It's a user agent's choice whether or not they want to allow users to opt-in to bad privacy. Also, CSS should not dictate what UI is present in the browser chrome. Adding browser UI has cost, both on the developer and the user (in the form of additional complexity) and it's up to the UA to determine if the cost is worth it. All we can do here is make the point that some fonts might be required for i18n, and let the UA determine how best to satisfy that requirement. |
There's a trade-off between privacy and functionality here; we all realize that. The functionality involved is sometimes purely a matter of aesthetics, but other times it may make the difference between a user being able to read a page or not. While a user agent may make various choices with regard to default behavior, it seems severe for a user agent to entirely block functionality that may be critical to the usability of web pages the user wants to see. Florian's proposed text uses should rather than must, so it does not impose a mandatory requirement on UAs, but I think it sends a worthwhile signal about the importance of this issue. |
It's our job to design tech that supports all languages worldwide, and it shouldn't be conformant to make it practically impossible for a normal user to read minority-language pages on their computer. |
| @@ -6146,7 +6146,9 @@ Web Fonts shadow Installed Fonts, so if an Installed Font has the same family na | |||
| <h3 id="preinstalled-and-user-installed-fonts"> | |||
| Preinstalled Fonts and User-Installed Fonts</h3> | |||
|
|
|||
| Users may choose to install fonts on their devices. User-Installed Fonts are installed by an explicit action by the user, such as clicking an "Install" button or copying a file into a particular directory on their device. Such fonts are User-Installed Fonts and also are Installed Fonts. Web content authors should not expect the presence of user-installed fonts, because there is no guarantee any user will have performed the action to install a specific font. User Agents may choose to ignore User-Installed Fonts for the purpose of the <a href="#font-matching-algorithm">Font Matching Algorithm</a>. | |||
| Users may choose to install fonts on their devices. User-Installed Fonts are installed by an explicit action by the user, such as clicking an "Install" button or copying a file into a particular directory on their device. Such fonts are User-Installed Fonts and also are Installed Fonts. Web content authors should not expect the presence of user-installed fonts, because there is no guarantee any user will have performed the action to install a specific font. | |||
There was a problem hiding this comment.
s/Users may/Users can/ since this is a statement of fact not an allowance in this spec.
(I also, btw, recommend adopting https://rhodesmill.org/brandon/2012/one-sentence-per-line/ since it makes diffing a lot easier...)
There was a problem hiding this comment.
perhaps /should not expect/should not count on/
| Users may choose to install fonts on their devices. User-Installed Fonts are installed by an explicit action by the user, such as clicking an "Install" button or copying a file into a particular directory on their device. Such fonts are User-Installed Fonts and also are Installed Fonts. Web content authors should not expect the presence of user-installed fonts, because there is no guarantee any user will have performed the action to install a specific font. User Agents may choose to ignore User-Installed Fonts for the purpose of the <a href="#font-matching-algorithm">Font Matching Algorithm</a>. | ||
| Users may choose to install fonts on their devices. User-Installed Fonts are installed by an explicit action by the user, such as clicking an "Install" button or copying a file into a particular directory on their device. Such fonts are User-Installed Fonts and also are Installed Fonts. Web content authors should not expect the presence of user-installed fonts, because there is no guarantee any user will have performed the action to install a specific font. | ||
|
|
||
| Note: The set of <a href="#installed-fonts">installed fonts</a> available in the <a href="#font-matching-algorithm">Font Matching Algorithm</a> is explicitly undefined. The available set of fonts <a href="https://panopticlick.eff.org">is</a> used by trackers to fingerprint users and reduce their privacy. However, some <a href="#installed-fonts">installed fonts</a>, even some <a href="#preinstalled-and-user-installed-fonts">user-installed fonts</a>, are required to make languages readable. User Agents may choose to make all installed fonts available for language support and design integrity reasons, or may choose to make some fonts unavailable for privacy reasons. In addition, User Agents may have additional facilities for fine-tuning this balance, such as interfaces to allow users to explicitly make certain fonts available or unavailable. Different User Agents, even running on the same Operating System, are expected to strike different balances here. |
There was a problem hiding this comment.
If you want to allow the UA to exclude certain installed fonts from the list of fonts available in the Font Matching Algorithm, add an explicit normative statement that says that. Adding a statement here that the set of fonts available to the Font Matching Algorithm is undefined is disingenuous.
Also, putting it in a note implies that it's a restatement of a normative definition elsewhere. If you want to assert that such a normative definition exists because you haven't explicitly forbidden such subsetting, then it's not clear to me that the allowance is limited to installed fonts only: if you're allowing subsetting of installed by omission of forbidding it, doesn't that mean you're also allowing subsetting of web fonts, because that also is not forbidden?
There was a problem hiding this comment.
This focuses totally on UAs, with little mention of user action to allow or disallow particular fonts (per-site or globally).
There was a problem hiding this comment.
If you want to allow the UA to exclude certain installed fonts from the list of fonts available in the Font Matching Algorithm, add an explicit normative statement that says that.
Strongly agree.
It's also our job to protect our users' privacy. You're right that there are good arguments for allowing some user-installed fonts. There are also good arguments for disallowing all of them, too. That's the point I'm trying to make - it's up to each UA to balance these competing desires. |
I agree.
By turning off local fonts by default you are protecting your users' privacy. This is indeed an acceptable choice given that tradeoff. However, by making it impossible to turn certain fonts back on even when the user cannot read the page without them, you are not protecting that user's privacy, you're turning them into a non user: they cannot use the browser to read the page they wanted. (Semi-sarcastic / semi-true addition: in that case, the browser is no more useful to that user than a brick, since neither a brick nor a browser than cannot display their language will let them browse that page. However, the browser is worse than a brick in terms of privacy, since an actual brick will have zero fingerprinting surface, but which is not the case of the no-local-font browser) |
| Users may choose to install fonts on their devices. User-Installed Fonts are installed by an explicit action by the user, such as clicking an "Install" button or copying a file into a particular directory on their device. Such fonts are User-Installed Fonts and also are Installed Fonts. Web content authors should not expect the presence of user-installed fonts, because there is no guarantee any user will have performed the action to install a specific font. User Agents may choose to ignore User-Installed Fonts for the purpose of the <a href="#font-matching-algorithm">Font Matching Algorithm</a>. | ||
| Users may choose to install fonts on their devices. User-Installed Fonts are installed by an explicit action by the user, such as clicking an "Install" button or copying a file into a particular directory on their device. Such fonts are User-Installed Fonts and also are Installed Fonts. Web content authors should not expect the presence of user-installed fonts, because there is no guarantee any user will have performed the action to install a specific font. | ||
|
|
||
| Note: The set of <a href="#installed-fonts">installed fonts</a> available in the <a href="#font-matching-algorithm">Font Matching Algorithm</a> is explicitly undefined. The available set of fonts <a href="https://panopticlick.eff.org">is</a> used by trackers to fingerprint users and reduce their privacy. However, some <a href="#installed-fonts">installed fonts</a>, even some <a href="#preinstalled-and-user-installed-fonts">user-installed fonts</a>, are required to make languages readable. User Agents may choose to make all installed fonts available for language support and design integrity reasons, or may choose to make some fonts unavailable for privacy reasons. In addition, User Agents may have additional facilities for fine-tuning this balance, such as interfaces to allow users to explicitly make certain fonts available or unavailable. Different User Agents, even running on the same Operating System, are expected to strike different balances here. |
There was a problem hiding this comment.
This focuses totally on UAs, with little mention of user action to allow or disallow particular fonts (per-site or globally).
| Users may choose to install fonts on their devices. User-Installed Fonts are installed by an explicit action by the user, such as clicking an "Install" button or copying a file into a particular directory on their device. Such fonts are User-Installed Fonts and also are Installed Fonts. Web content authors should not expect the presence of user-installed fonts, because there is no guarantee any user will have performed the action to install a specific font. User Agents may choose to ignore User-Installed Fonts for the purpose of the <a href="#font-matching-algorithm">Font Matching Algorithm</a>. | ||
| Users may choose to install fonts on their devices. User-Installed Fonts are installed by an explicit action by the user, such as clicking an "Install" button or copying a file into a particular directory on their device. Such fonts are User-Installed Fonts and also are Installed Fonts. Web content authors should not expect the presence of user-installed fonts, because there is no guarantee any user will have performed the action to install a specific font. | ||
|
|
||
| Note: The set of <a href="#installed-fonts">installed fonts</a> available in the <a href="#font-matching-algorithm">Font Matching Algorithm</a> is explicitly undefined. The available set of fonts <a href="https://panopticlick.eff.org">is</a> used by trackers to fingerprint users and reduce their privacy. However, some <a href="#installed-fonts">installed fonts</a>, even some <a href="#preinstalled-and-user-installed-fonts">user-installed fonts</a>, are required to make languages readable. User Agents may choose to make all installed fonts available for language support and design integrity reasons, or may choose to make some fonts unavailable for privacy reasons. In addition, User Agents may have additional facilities for fine-tuning this balance, such as interfaces to allow users to explicitly make certain fonts available or unavailable. Different User Agents, even running on the same Operating System, are expected to strike different balances here. |
There was a problem hiding this comment.
If you want to allow the UA to exclude certain installed fonts from the list of fonts available in the Font Matching Algorithm, add an explicit normative statement that says that.
Strongly agree.
| @@ -6146,7 +6146,9 @@ Web Fonts shadow Installed Fonts, so if an Installed Font has the same family na | |||
| <h3 id="preinstalled-and-user-installed-fonts"> | |||
| Preinstalled Fonts and User-Installed Fonts</h3> | |||
|
|
|||
| Users may choose to install fonts on their devices. User-Installed Fonts are installed by an explicit action by the user, such as clicking an "Install" button or copying a file into a particular directory on their device. Such fonts are User-Installed Fonts and also are Installed Fonts. Web content authors should not expect the presence of user-installed fonts, because there is no guarantee any user will have performed the action to install a specific font. User Agents may choose to ignore User-Installed Fonts for the purpose of the <a href="#font-matching-algorithm">Font Matching Algorithm</a>. | |||
| Users may choose to install fonts on their devices. User-Installed Fonts are installed by an explicit action by the user, such as clicking an "Install" button or copying a file into a particular directory on their device. Such fonts are User-Installed Fonts and also are Installed Fonts. Web content authors should not expect the presence of user-installed fonts, because there is no guarantee any user will have performed the action to install a specific font. | |||
There was a problem hiding this comment.
perhaps /should not expect/should not count on/
|
As this PR has bitrotted in the interim, and requested changes have not been made, I pulled out the proposed text, added the requested changes, and added it in b0ac8dd |
Closes #5421.