Sanitizer for OpenType
C++ M4 Makefile Shell
Latest commit 5c84532 Feb 25, 2017 @khaledhosny [test] Just check that we reject the bad fonts
Re-purposing the script so it just does a simple check for passing/not
passing OTS sanitization. We might need a different test that checks for
fonts we pass but drop some tables.

OpenType Sanitizer

The OpenType Sanitizer (OTS) parses and serializes OpenType files (OTF, TTF) and WOFF and WOFF2 font files, validating them and sanitizing them as it goes.

The C library is integrated into Chromium and Firefox, and also simple command line tools to check files offline in a Terminal.

The CSS font-face property is great for web typography. Having to use images in order to get the correct typeface is a great sadness; one should be able to use vectors.

However, on many platforms the system-level TrueType font renderers have never been part of the attack surface before, and putting them on the front line is a scary proposition... Especially on platforms like Windows, where it's a closed-source blob running with high privilege.




See docs

Thanks to Alex Russell for the original idea.