In bug 1376964, we added an approach to allow sync load of font which has already been loaded before. It uses a global table and records whether each font loaded in the past is allowed to be loaded given a new document. This have two downsides: 1. The policy check is not guaranteed to be free from side effect, so checking a document principal against each font loaded in the past regardless of where it is from can cause confusion to the security module. This has caused bug 1384741 and bug 1420680 for example. There might be more policy checkers add to this list, and the solution in bug 1384741 may not be very scalable. 2. This also feels quite inefficient, both on memory footprint and on pre-traversal performance. I wonder whether we can use a different approach, for example, we just check all urls appears in the font set of the document, and cache the result in the font set. This way we don't need to track every font loaded in the past against every new document, and we would never query policy checker with a font the document is never going to use.
[Triage 2018/03/23 - P3]
Priority: -- → P3
You need to log in before you can comment on or make changes to this bug.