[TYPO3-english] protect (and still use) font folder

Mike Meir mike at gateseven.co.uk
Thu Apr 5 11:21:41 CEST 2012 

Hi Katya

See http://www.microsoft.com/typography/WEFT.mspx

This enables you to download the Microsoft WEFT software for creating
.eot files from .ttf or .otf fonts files, provided their embedding
permissions are set to allow embedding.

.eot files are both compressed and encrypted (rather lightly). They may
also be subsetted to contain only the glyphs used in the document
(though that could be a problem with a CMS where you cannot predict the
text), and they can be locked so that they only work for text from a
given url when it is displayed within a browser. They are supported by
(many) modern browsers.

So, although they have to be downloaded, they can be protected enough to
put off the casual pirate, and if they are downloaded through
illegitimate routes they can still only be used to display the text from
the web site they are locked to, within a browser.

A more pertinent issue may well be that the fonts are not licensed for
use from a web server, and/or the embedding bit may be set to prevent
.eot files from being generated from them.  In that case the foundry may
or may not be willing to produce .eot files licensed for embedding  on a
particular web site. However, fonts in this class are probably also
"optimised" for print use, and not hinted especially well for use on
screen. So they probably won't look too good either, particularly at
small sizes.

Best Wishes


Mike


-----Original Message-----

Date: Wed, 4 Apr 2012 22:41:13 +0000 (UTC)
From: bernd wilke <t3ng at pi-phi.tk>
Subject: Re: [TYPO3-english] protect (and still use) font folder
To: typo3-english at lists.typo3.org
Message-ID: <mailman.1.1333579273.9171.typo3-english at lists.typo3.org>
Content-Type: text/plain; charset=UTF-8

Am Wed, 04 Apr 2012 10:07:17 +0300 schrieb Katja Lampela:

> Hi,
> okay, thank you Bj?rn for this information.
> 
> 4.4.2012 9:32, Bj?rn Pedersen kirjoitti:
>> On 04.04.2012 07:55, Katja Lampela wrote:
>>> Hi,
>>>
>>> In one of my client's site they use @font-face method and the font 
>>> files need to be protected from download.
>>>
>>> Using the simplest method, .htaccess+.htpasswd doesn't work, since 
>>> the fonts can't be used at all without logging in.
>>>
>>> How would you recommend I do this?
>>> I have this link/method, but it seems a bit complicated:
>>> http://subjectiveobject.com/2009/10/28/securing-font-face/
>>>
>> Hi,
>>
>> well, to use the font it needs to be downloaded to the client. There 
>> is no way around that. You may make it harder to save this font file 
>> to disk, but you can not prevent it fully. The only way would be to 
>> render everything as images, but that is no real solution as well.
>>
>> So you can make it harder as done in your link by going trough some 
>> php file loader, but thats all you can do.
>>
>> Bj?rn

you may use "cufon".
not as simple as @font-face, but possible:
it renders all text on the fly into canvas-graphics with the desired
font, the original font-file does not need to be accessible, so
something like a dump is done (the font is renderd into javascript
arrays which might enable others to use it the same way as you)


bernd
--
http://www.pi-phi.de/cheatsheet.html


------------------------------

_______________________________________________
TYPO3-english mailing list
TYPO3-english at lists.typo3.org
http://lists.typo3.org/cgi-bin/mailman/listinfo/typo3-english

End of TYPO3-english Digest, Vol 103, Issue 7
*********************************************

More information about the TYPO3-english mailing list