X
Tap here to go to the mobile version of the site.

Support Forum

Is anyone else finding that new (as of couple days ago) Firefox isn't displaying embedded fonts correctly?

Posted

I have an embedded font on my website that I use for the header, and it displays fine. I have a development copy of the website on my hard disk, and that displayed fine too until Firefox 68.0; but now it uses the second font in my list, instead of the first.

So: some bug in the code of the copy on my disk, I thought. But when I open it in Safari, Chrome or Brave, it displays correctly.

The W3C CSS validation service finds no error in the code.

I'm stumped. Any ideas?

I have an embedded font on my website that I use for the header, and it displays fine. I have a development copy of the website on my hard disk, and that displayed fine too until Firefox 68.0; but now it uses the second font in my list, instead of the first. So: some bug in the code of the copy on my disk, I thought. But when I open it in Safari, Chrome or Brave, it displays correctly. The W3C CSS validation service finds no error in the code. I'm stumped. Any ideas?

Chosen solution

hi paul, this is likely happening due to this security fix: https://www.mozilla.org/en-US/security/advisories/mfsa2019-21/#CVE-2019-11730

try to change privacy.file_unique_origin to false in about:config, restart firefox and see if this can make a difference (please note that this makes you vulnerable to the described security problem though).

Read this answer in context 2
Quote

Additional System Details

Installed Plug-ins

  • Shockwave Flash 32.0 r0
  • Shockwave Flash 10.0 r45

Application

  • User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:68.0) Gecko/20100101 Firefox/68.0

More Information

philipp
  • Top 25 Contributor
  • Moderator
5282 solutions 23336 answers

Chosen Solution

hi paul, this is likely happening due to this security fix: https://www.mozilla.org/en-US/security/advisories/mfsa2019-21/#CVE-2019-11730

try to change privacy.file_unique_origin to false in about:config, restart firefox and see if this can make a difference (please note that this makes you vulnerable to the described security problem though).

hi paul, this is likely happening due to this security fix: https://www.mozilla.org/en-US/security/advisories/mfsa2019-21/#CVE-2019-11730 try to change ''privacy.file_unique_origin'' to false in about:config, restart firefox and see if this can make a difference (please note that this makes you vulnerable to the described security problem though).
Was this helpful to you? 2
Quote

Question owner

Yes! That did the trick, many thanks.

Mind you, I still don't understand why the problem arises…

Yes! That did the trick, many thanks. Mind you, I still don't understand why the problem arises…
Was this helpful to you?
Quote
philipp
  • Top 25 Contributor
  • Moderator
5282 solutions 23336 answers

Helpful Reply

basically this change in 68 was isolating files in your local environment from each other, so a downloaded malicious html file wouldn't be able to access other content on your disk once opened.

basically this change in 68 was isolating files in your local environment from each other, so a downloaded malicious html file wouldn't be able to access other content on your disk once opened.
Was this helpful to you? 2
Quote
paul.corless 0 solutions 2 answers

This is a major problem for web developers using dreamweaver. In preview mode the URL is going to start with file:/// Which is then going to block all fonts because of your CORS policy.

This now means none of my fonts, webfonts, icon fonts now show in firefox browser without the above hack. This is a serious problem for web designers.

Every version of firefox previously has worked just fine.

This is a major problem for web developers using dreamweaver. In preview mode the URL is going to start with file:/// Which is then going to block all fonts because of your CORS policy. This now means none of my fonts, webfonts, icon fonts now show in firefox browser without the above hack. This is a serious problem for web designers. Every version of firefox previously has worked just fine.

Modified by paul.corless

Was this helpful to you?
Quote
aolszowka 0 solutions 1 answers

This also breaks any one who has an external XSLT; the bug is private in the tracker database. What is the acceptable work around to get this to work?

This is a pretty fundamental change and the description of the CVE really reeks of "Code Execution Results in Code Execution".

This also breaks any one who has an external XSLT; the bug is private in the tracker database. What is the acceptable work around to get this to work? This is a pretty fundamental change and the description of the CVE really reeks of "Code Execution Results in Code Execution".
Was this helpful to you?
Quote
paul.corless 0 solutions 2 answers

I have rolled back to previous version. Version 68, is a seriously botched release. You cannot even get out of responsive mobile view in developer tools. As the toggle mobile/desktop no longer even works.

I have rolled back to previous version. Version 68, is a seriously botched release. You cannot even get out of responsive mobile view in developer tools. As the toggle mobile/desktop no longer even works.
Was this helpful to you?
Quote
Ask a question

You must log in to your account to reply to posts. Please start a new question, if you do not have an account yet.