Allow more options for when to download the common web fonts.

[jyasskin]

And describe the possible history leak in more detail.

@bholley @annevk, can you let me know if this is an accurate description of the problem in #7, and whether the extra flexibility here makes you like the proposal better? Do you think it's important that all browsers align on when fonts are cached? I think that particular difference can't introduce pressure to align with the most popular browser, although I could be wrong.

[bholley]

While I very much appreciate the effort to represent these concerns accurately, I'm not sure this proposal is really the right place for it.

The Web Shared Libraries conversation seeks a mechanism to share arbitrary popular resources across sites. Such a mechanism would naturally support web fonts as a resource type, and we probably don't want to build an orthogonal font-specific mechanism (i.e. I agree with the current text in this PR that the solutions should align).

So rather than partially addressing the privacy and performance trade-offs in this proposal, I might suggest that we fold those into the Web Shared Libraries discussion, and focus this proposal on font restriction, with a discussion of why it might be problematic to ship without something like WSL.

[bholley]

And in particular - I would love to see this proposal attempt to analyze and quantify the harm we expect from system font restriction, which could better-motivate WSL.

[jyasskin]

@bholley I'm hesitant to have this defer all the discussion to a Google Doc instead of an actual proposal in a repository. I've asked in that doc to have it move to a repository, and then I'm happy to point there instead of duplicating discussion here. I suspect that fonts are an easier problem to solve than libraries in general, so we might be able to move on fonts first, but I could be wrong.

The Privacy Sandbox team within Chrome will be collecting data on the harm from system font restriction, and when they're done, they should be able to put it here.