commit | 373523f930678933490d7c2185836a4ee49411a4 | |
---|---|---|
author | Jonathan Kew <jfkthame@gmail.com> | Thu May 21 10:41:02 2020 |
committer | Jonathan Kew <jfkthame@gmail.com> | Thu May 21 16:10:52 2020 |
tree | 3c2081be46e03e4f1c6dd68ad740dead73f16b82 | |
parent | bbd729f8f39c28db9818371b20f9e5ed44226c2f | |
Sanitize the PSname to work around buggy consumers

We limit the PSname to the "unreserved characters" of the URI spec at https://tools.ietf.org/html/rfc3986#section-2.3. This is done to work around bugs in downstream software that will consume the sanitized font data, such as Core Text; see discussion in https://bugs.chromium.org/p/chromium/issues/detail?id=1072921.
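The filtering described in the commit message above, as an added example that is not OTS's own code: it keeps only the RFC 3986 unreserved characters in a PostScript name (nameID 6) and decodes UTF-16BE records before filtering, so a two-byte code unit is never judged byte by byte. The names `IsUnreserved` and `SanitizePsName`, and the choice to drop disallowed characters rather than replace them, are assumptions.

```cpp
#include <cstdint>
#include <iostream>
#include <string>

// RFC 3986 section 2.3 "unreserved": ALPHA / DIGIT / "-" / "." / "_" / "~".
static bool IsUnreserved(uint32_t c) {
  return (c >= 'A' && c <= 'Z') || (c >= 'a' && c <= 'z') ||
         (c >= '0' && c <= '9') || c == '-' || c == '.' || c == '_' || c == '~';
}

// Filter the raw string bytes of one nameID 6 record.
// utf16be: true for UTF-16BE records (Windows platform), false for
// single-byte records (Macintosh platform).
// Assumption: disallowed characters are dropped rather than replaced.
std::string SanitizePsName(const std::string& raw, bool utf16be) {
  std::string out;
  const size_t step = utf16be ? 2 : 1;
  // A trailing odd byte in a UTF-16BE record is not a full code unit: skip it.
  for (size_t i = 0; i + step <= raw.size(); i += step) {
    uint32_t c = static_cast<uint8_t>(raw[i]);
    if (utf16be) c = (c << 8) | static_cast<uint8_t>(raw[i + 1]);
    // Test the whole code unit: 0x4141 is a CJK character, not "AA".
    if (!IsUnreserved(c)) continue;
    if (utf16be) out.push_back('\0');  // re-emit the high byte
    out.push_back(static_cast<char>(c));
  }
  return out;
}

int main() {
  // Constructed sample name, not taken from a real font.
  std::cout << SanitizePsName("Acme Sans (Bold)/v2", false) << "\n";
  return 0;
}
```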
The OpenType Sanitizer (OTS) parses and serializes OpenType files (OTF, TTF) and WOFF and WOFF2 font files, validating them and sanitizing them as it goes.
The C library is integrated into Chromium and Firefox, and there are also simple command-line tools to check files offline in a terminal.
The CSS font-face property is great for web typography. Having to use images in order to get the correct typeface is a great sadness; one should be able to use vectors.
However, on many platforms the system-level TrueType font renderers have never been part of the attack surface before, and putting them on the front line is a scary proposition... Especially on platforms like Windows, where it's a closed-source blob running with high privilege.
The instructions below are for building the standalone OTS utilities. If you want to use OTS as a library, the recommended way is to copy the source code and integrate it into your existing build system. Our build system intentionally does not build a shared library.
Build OTS:
$ meson build
$ ninja -C build
Run the tests (if you wish):
$ ninja -C build test
See docs
Thanks to Alex Russell for the original idea.