#399: Font Enumeration API
Discussions
Discussed
Sep 4, 2019 (See Github)
[bump to f2f
Comment by @dbaron Sep 12, 2019 (See Github)
@ylafon and I are looking at this during a breakout at the Tokyo TAG face-to-face meeting.
One issue that doesn't appear to be addressed in the Security and Privacy questionnaire response is the question of fingerprinting. Having an API for font enumeration seems like it makes font-based active fingerprinting substantially easier and faster. That's something that needs to be traded off against the use cases for the feature -- use cases that aren't especially clear in the explainer.
It would probably be helpful if the explainer gave some compelling examples of user-facing features that would be enabled by this web feature. This would also help understand the question of whether there are other less-powerful APIs that could address the same use cases, for example, APIs designed for finding similar fonts.
It's also worth noting that past studies of font-based fingerprinting had reported entropy that included order data from plugins. One of the major plugins (I don't remember if it was Java or Flash) had a font enumeration API that returned the fonts in a system-specific sort order that I think was a function of the time the font was installed on the system. This provided a large amount of additional entropy that was totally unnecessary for the feature. At the very least it seems important for the spec to prescribe a sort order for the enumeration to avoid a repeat of this problem.
I've still been hoping to find the time to take a somewhat closer look at this, but haven't managed to do that yet.
Comment by @dbaron Sep 12, 2019 (See Github)
Also, @ylafon points out that the explainer in #400 seems to provide a rather bad example of the use of this API -- it enumerates all of the fonts on the system just to find "Consolas" -- it seems like that would be much better addressed by an API that lets you ask for "Consolas".
Comment by @hober Oct 15, 2019 (See Github)
Labeling as a Fugu-related request since it appears in Fugu's full list of capabilities.
Comment by @hober Dec 3, 2019 (See Github)
@plinss and I took another look at this in our Cupertino F2F. We share @dbaron’s & @ylafon’s desire for a “ less-powerful APIs that could address [some of] the same use cases”—in particular, a picker-style API could allow sites to receive access to specific fonts that they need (like Consolas in the previous example) without exposing the list of installed fonts.
@plinss remembers a TPAC conversation from Fukuoka, perhaps in the Houdini TF, where a picker-style API got significant support.
Comment by @atanassov Mar 2, 2020 (See Github)
@plinss and I had another look at this topic and its relevance to Font Table Access API.
There has been no progress we observed and given how tightly coupled the two API proposals are our proposal is to close the issue.
Comment by @inexorabletash Mar 2, 2020 (See Github)
re: lack of progress - we deferred work for a while, but are planning to revisit in the very near future.
re: two proposals - we are planning to re-merge the proposals; at one point we thought splitting them made sense to unblock some discussion. Closing one of these out is fine.
Comment by @hober May 27, 2020 (See Github)
We (@dbaron @hober @plinss) looked at this again during the TAG F2F this week. We've tried to file issues in the WICG/local-font-access repo which capture each of the concerns that have come up during the several TAG breakouts on these two reviews. Given the lack of engagement in these reviews thus far, we don't see any value in keeping these issues open. Please feel free to ping us to re-open or file a new issue when there are significant changes.
- Non-OpenType fonts #19
- Anne's feedback re: Non-goals and alternative approaches #20
- Fonts need to be sorted #23
- mention additional fingerprinting surface in details of font versions #25
- Please add a Table of Contents to the explainer #26
- explainer suggests iterating all the fonts in order to find Consolas #27
Comment by @oyiptong Nov 10, 2020 (See Github)
We've made some progress on the Local Font Access API.
It now combines the Enumeration API and a Font Data Access API. The repos are all the same, but the explainer is now at https://github.com/wicg/local-font-access
Should this be a new issue, or can I revive this one?
Discussed
Nov 16, 2020 (See Github)
Peter: Re-opened as they published a new version of their API.
... Last time we looked at this we pushed back, saying why not use a font picker. I don't see that taken on here...
David: Some of the folks who wanted this might have been design tools folks like Figma. Examples in the old explainer didn't really motivate it very clearly.
Peter: ... don't necessarily want just local fonts, but also web fonts.
Rossen: Won't this go against efforts around privacy and not allowing system fonts to be exposed? Two opposing forces working against each other.
... I remember discussions with the CSSWG in Fukuoka TPAC. There was a strong push-back on this one then. But I don't remember much else.
Peter: (quoting) ... haven't heard interest in a font picker implementation. People aren't asking about a privacy-preserving version.
Rossen: The explainer doesn't give the impression that privacy is top of mind.
Alice: Spec does talk about privacy options in the goals...
Peter: How useful is this API in the case where everyone gets the same small set of data?
Alice: Seems like the intention is that the "full" set will be given (only) in trusted contexts, with that being left up to the UA to determine.
Peter: I see lots of references to partners... it reads like it's designed for one application.
Rossen: Did we ask how this could benefit the rest of the web platform beyond the one (presumed) use case?
Peter: Looking over our comments, we previously closed the issue for lack of progress. There is a new version but I don't see anything that addresses our earlier feedback, and most of the issues we previously filed are still open.
... What feedback could we give that would be productive?
David: From Tess' comment, 6 issues are listed, 1 is closed, 4 still open, and 1 is a broken link.
Alice: Perhaps we could just ask for a summary of what's changed and why? And possibly for more clarity around intended use cases (beyond the "goals" and the tightly scoped "key scenarios" - what is the context for these goals and scenarios?)
Peter: I'll try and leave that feedback.
Comment by @plinss Nov 16, 2020 (See Github)
@oyiptong Can you give a summary of the changes made and how they address the previous feedback we've given?
Comment by @oyiptong Dec 4, 2020 (See Github)
Hi folks, apologies about the delays.
Here's a quick summary:
- The enumeration API now provides an object,
FontMetadatathat is not related to Web Fonts - Font table data aren't accessible individually anymore
- There's a method to obtain byte-wise font data, i.e.
blob() - Use cases are now more elaborately fleshed out
Discussed
Jan 1, 2021 (See Github)
Tess wrote up a comment capturing our current thinking on this re: a picker-style alternative API approach.
Discussed
Jan 11, 2021 (See Github)
Tess: Want an in-page picker where each font is a live preview of itself.
... I understand the desire for that, once you get all of them (?) it's a can of worms that a picker would avoid
Lea: Seems like very limited use cases beyond an in-page picker.
Tess: Can accomplish most of those use cases in other ways. Would prefer a font picker to this API.
Rossen: There's a reason we have the file picker as a file picker...
Tess: <input type=file> is probably one of the best features in terms of how it implicitly grants permissions without showing a permission prompt: you grant permission to the single file when you pick it from the picker.
... Users don't think about fonts the same way they think about files. A lot of systems have native font picker dialogs, which you could imagine this would invoke.
Lea: That would also be a lot more [developer friendly] than a font API.
Tess: Geared towards complex, enterprise tools rather than middle-of-the-road web developers. Most developers aren't working on Google Docs, they're working on a rich text editor in something like WordPress. Bit of a smell when an API is really only for big tools, and overkill for little ones. If you're really dedicated to having that custom, in-page picker, input type=font wouldn't do the job for you, but you could still do it. Full Font Enumeration API is overkill.
Lea: Once pickers are more extensible and stleable they could cover more of those use cases as well.
Rossen: This goes back to the design principle we were talking about last week about high vs. low levels: enumerate your use cases, potential levels, ship the highest level API you can to begin with.
Tess: Also least power principle: font picker has less power than a font enumeration API.
... what's the status of the review?
... filed a bunch of issues previously, at least one was "why not use a picker"
Peter: Explainer lists goals, but the goals don't really shed any light on user needs.
Tess: They combined two proposals, more or less because we told them to.
Peter: One use case I can think of where you'd want low-level access... grouping similar types of fonts so users can pick types of fonts (with similar metrics, e.g)... font picker wouldn't provide that functionality, but not clear to me that S&P risks are worth it.
Lea: Any kind of font tool also... but very niche use cases.
Tess: This is being pursued precisely for the Google Docs kind of use case, where they would see it as more of a showstopper that we can't get the extra 10%, IIRC.
Rossen: Is it fair to suggest re-opening the conversation about the [font] picker, and have an additional conversation as warranted... what are we missing if we have the font picker only? Then becomes a conversation about how to extend the font picker to get the use cases they need.
Peter: We did leave a comment in this issue https://github.com/w3ctag/design-reviews/issues/399#issuecomment-561387155 in December 2019 saying a picker style API would be better... don't see a reply to that.
... can we ask again for their reasoning on that, as well as what are the user use cases, as opposed to the goals listed in the explainer?
... got a summary of changes, but not how they addressed the feedback.
Tess: https://github.com/WICG/local-font-access/issues/62 was opened by someone else very recently which is very relevant to our feedback.
... also one from Anne https://github.com/WICG/local-font-access/issues/36 which is also very similar. From July... "the website invokes query() and the user then gets a browser-driven dialog with which they can select zero or more fonts to expose to the website." Also still open, there has been some discussion on that.
Tess: I can try and write something up... along the lines of enumerating the points of feedback and issues that are yet to be addressed, particularly around the API being more powerful than needed for the 90% use case, and whether it could start from a picker model and be extended from there to address any gaps in functionality.
Comment by @hober Jan 26, 2021 (See Github)
I wrote in December 2019:
@plinss and I[...] share @dbaron’s & @ylafon’s desire for a "less-powerful APIs that could address [some of] the same use cases"—in particular, a picker-style API could allow sites to receive access to specific fonts that they need (like Consolas in the previous example) without exposing the list of installed fonts.
@plinss remembers a TPAC conversation from Fukuoka, perhaps in the Houdini TF, where a picker-style API got significant support.
We still believe that a picker-style API solves the most pressing user needs while having far preferable characteristics re: privacy, which we've documented in our Web Platform Design Principles document (specifically in 8.2. Use care when exposing APIs for selecting or enumerating devices).
Note that such an approach would also address WICG/local-font-access#36 and WICG/local-font-access#62.
From this comment it looks like you're considering a picker-style API alternative. We look forward to learning more about it.
Comment by @oyiptong Jan 27, 2021 (See Github)
Indeed, we've been making progress with the API and have been prototyping a chooser behind a flag. We're planning to launch another Origin Trial soon, with a modified API shape.
I'll be amending the explainer and spec copy soon.
Discussed
Mar 8, 2021 (See Github)
Bumped, waiting for feedback
Discussed
May 1, 2021 (See Github)
This has been pending external feedback for a while. They said they would update the explainer "soon", in January. Tess pinged them for an update.
Comment by @hober May 12, 2021 (See Github)
Indeed, we've been making progress with the API and have been prototyping a chooser behind a flag. We're planning to launch another Origin Trial soon, with a modified API shape.
I'll be amending the explainer and spec copy soon.
Any updates for us?
Discussed
Sep 1, 2021 (See Github)
Hasn't been updated since January, no response to our request for update in May. Closed with an invitation to the OP to reopen when and if they're ready.
Comment by @hober Sep 13, 2021 (See Github)
@plinss and I took another look at this today in our F2F and it seems we're still waiting on updates from @oyiptong. We're going to close this; please let us know when you're ready for us to take another look and we'll reopen it.
Comment by @inexorabletash Mar 21, 2022 (See Github)
@hober @torgo and anyone else - I commented over in #400 (sorry about the two issues!) but we're ready for another look. Pinging here hoping for attention too.
OpenedAug 7, 2019
こんにちはTAG!
I'm requesting a TAG review of:
Further details:
We recommend the explainer to be in Markdown. On top of the usual information expected in the explainer, it is strongly recommended to add:
We'd prefer the TAG provide feedback as (please select one):
Please preview the issue and check that the links work before submitting. In particular, if anything links to a URL which requires authentication (e.g. Google document), please make sure anyone with the link can access the document.
¹ For background, see our explanation of how to write a good explainer.