21943 – Security on measureText is unneccessary

This is an archived snapshot of W3C's public bugzilla bug tracker, decommissioned in April 2019. Please see the home page for more details.

Bug 21943 - Security on measureText is unneccessary

Summary: Security on measureText is unneccessary

Status:	RESOLVED WONTFIX

Alias:	None

Product:	WHATWG
Classification:	Unclassified
Component:	HTML (show other bugs)
Version:	unspecified
Hardware:	PC Windows NT

Importance:	P2 normal
Target Milestone:	Unsorted
Assignee:	Ian 'Hixie' Hickson
QA Contact:	contributor

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:	21944
	Show dependency tree / graph

Reported:	2013-05-06 21:24 UTC by rcabanie
Modified:	2013-06-07 23:08 UTC (History)
CC List:	3 users (show)

See Also:

Attachments

Description rcabanie 2013-05-06 21:24:33 UTC

The canvas 2d spec currently states that a font has to be local in order for measureText to work: 
If doing these measurements requires using a font that has an origin that is not the same as that of the Document object that owns the canvas element (even if "using a font" means just checking if that font has a particular glyph in it before falling back to another font), then the method must throw a SecurityError exception.
http://www.whatwg.org/specs/web-apps/current-work/multipage/the-canvas-element.html#dom-context-2d-measuretext
http://www.w3.org/TR/2dcontext/#dom-context-2d-measuretext

After a small discussion on the mailing list, we agreed that the spec should not have this text. Instead it should be silent and rely on the general font loading algorithm that CSS specifies.

Comment 1 Ian 'Hixie' Hickson 2013-06-07 23:08:41 UTC

see response on the list