define('DISALLOW_FILE_EDIT', true); unFocus Projects – Kevin Newman and Ken Newman – Page 9 – Home of Scripts 'n Styles for WordPress, Backstage2D and History Keeper!

The Third Option for HTML Font Embedding

In the debate over whether web browser makers should implement .eot font support for Firefox in addition to their support for .ttf files (and .otf), their is an alternative that rarely gets any mention – SVG Glyphs in an html context. This is already supported by Opera 10, Safari 4, and Google Chrome (all prerelease at the time of this post). Using SVG Glyphs this way addresses a number of concerns, which are not often mentioned, or simply not well understood.

This gets sticky, but to understand the need for SVG glyphs you need to understand the debate around DRM. DRM doesn’t work. It’s such a failure, that Apple and others have completely abandoned it in their music formats, and game companies are starting to do the same. The reality is that if the crackers and pirates can get their hands on the material (like an encrypted music file), they are going to strip out the protection. So let’s write off DRM.

That’s not to say we should write off all forms of protection. Since we can’t stop the crackers, let’s concentrate on an area we can do something about, casual piracy. Consider a regular end user, who might view the source of a website, or checks their FireBug Net tab, and grab the font file to either install or use on their own system or website illegally. This is where SVG and EOT can play a role. EOT addresses both of these scenarios out of the box – it can be tied to a particular domain, so it cannot be easily installed on another website or blog, and it cannot be easily installed on an end user’s system folder, since it’s not a regular system font. By default, SVG addresses only one of these two problems – they can’t be installed on the user’s system, but they can be easily copied to another site. However, the EOT domain protection can be mimicked through the use of other web technologies. For example, you could serialize the SVG into a dataURL, and then further serialize that into some javascript (and even obfuscate and encrypt it if you wanted to), where you can do all the domain checks you want. This kind of protection is the ideal solution. It provides the maximum protection that DRM has ever been able to practically offer other – it makes it difficult for honest users to pirate fonts.

It is true that with enough googling, downloads and virus scans, the tools are available to extract something like an installable font from PDFs, SWFs, and even SVG files. For an end user to do that, they need a specific intent to steal the material, as well as a the technical capability to actually pull it off. Here we are back into pirate land, and those guys are more likely to hop on usenet, or bittorrent sites anyway – or their local file server at work, rather than attempt to extract some half version of a font from a PDF, EOT, SWF or SVG font (which tend to be subsetted). Dealing with them is a job for lawyers and the law, and it not a technical challenge. Fighting them on the wrong front will cost more than it nets, in terms of lost sales from not participating (and not making sales), or from the support headaches of dealing with ill-conceived DRM technology.

Having a font format that keeps the honest honest, is not too much for type designers to ask for. They spend a lot of time creating type faces, and frankly, they deserve some kind of protection from casual piracy – protection that is at least on par with the kinds of protection other forms of media are already receiving on the internet – and that even fonts are receiving in other formats, such as PDF and Flash SWF files.

Web browser makers, should implement EOT font support, the format supported by the 10,000 pound gorilla – Microsoft‘s Internet Explorer – which is huge, but they probably will not due mostly to a lack of interest from someone willing to do that work – and maybe other concerns. Since that is the case, SVG glyph fonts are great second choice. They provide all the protection that can be reasonably expected from an online media format, and starting over with a new font format is undesirable, if it means we have to wait for 10 more years to get any progress. The upshot is, it’s already in most of the current alternative browsers! Only Mozilla‘s Firefox has yet to implement SVG glyph support – they do seem ready to do it. The future of HTML font embedding is looking bright!

Update: I saw this earlier, but didn’t have the link handy. In bugzilla bug #119490 comment #15, John Daggett mentions that they plan to add this feature for Gecko 1.9.2. This is great news! It does mean more waiting though, as Gecho 1.9.2 is slotted to run whatever version of Firefox comes after the soon to be released 3.5 (3.6 at the moment).

MouseWheel on Mac

So for some reason MouseWheel.SCROLL events don’t work on Mac OS X. There is a fix! Gabriel over at Pixel Breaker created a script which fixes it up nicely.

The script did require some modification to get it to work with SwfHTML, since it was designed to work with SwfObject. It took very little modification to the JavaScript to make it work with any flash embedding script. The script has a register method that takes an id, and uses SwfObject’s getObjectById method to get the swf ref – I just changed the register method to take a swf reference instead of an id string, and viola! It works with anything now. While I was at it, I also took care of some errors you might get on non-mac browsers. Here’s how to use it:

[cc lang=’javascript’ ]
// with SwfHTML
swfmacmousewheel.registerObject(
unFocus.SwfUtilities.getSwfReference(“swfId”)
);

// with SwfObject
swfmacmousewheel.registerObject(
SwfObject.getObjectById(“swfId”)
);
[/cc]

You can really use any method you want to get a reference to the swf object, and pass that in.

Here is the updated swfmacmousewheel javascript file. Note, you will still need to grab the source and follow the instructions from Pixel Breaker.

ResponseEncoding in IIS7 for static html files in web.config

I couldn’t find any way to set ResponseEncoding in IIS7 for static html files in web.config.

The system.web setting using globalization doesn’t seem to fit anywhere in system.webServer like it seems like it should (someone please let me know if there is a way to do that).

Anyway, I did find a way to sort of shove it in there:

[cc lang=’xml’]












[/cc]

Correct User IP for WordPress comments on Mosso

Update #2: It looks like a couple of days after I posted this, the Mosso guys sent word on fresh clicks that the issue has been fixed on their end, rendering this plugin completely useless, days after I put it up. 🙂

I stumbled across a problem running WordPress on Mosso (Rackspace Clould) servers (which I’m now quite happily running unFocus.com on 🙂 ) in the Mosso Knowledge Base, where the ip address of the user is not properly recorded in comments when running in the Mosso cluster. The knowledge based linked to a fresh clicks article, but I wanted something a little easier to maintain than an inline hack. So I rolled a quick and dirty plugin, which seems to do the trick. Here is what it does:

[cc lang=’php’]
< ?php /* Plugin Name: unFocus.Mosso-User-IP Plugin URI: http://www.unfocus.com/projects/ Description: A plugin to set REMOTE_ADDR on Mosso clusters to HTTP_X_CLUSTER_CLIENT_IP to fix tracking and comment posts, etc. Version: 1.0a Author: Kevin Newman Author URI: http://www.unfocus.com/projects/ */ function unFocus_MossoUserIP() { $_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_X_CLUSTER_CLIENT_IP']; } add_action('init', 'unFocus_MossoUserIP'); ?>
[/cc]

That’s it! It just sets the regular REMOTE_ADDR value to the Mosso Server var HTTP_X_CLUSTER_CLIENT_IP. Pretty simple. 🙂 Update: I forgot to upload a zip archive. unFocus.Mosso-User-IP.zip