Can anyone help with this error I've been getting since upgrading mathstodon.xyz to 4.2?
In Firefox, I get an error "downloadable font: rejected by sanitizer" when downloading https://mathstodon.xyz/packs/media/fonts/Sans/cmunss-0745961ddcecad8aa4fd00b9e39cce11.woff.
The Network tab says only 948B were transferred; the file is 77KB on disk. Because it's a font, Firefox won't show me the received raw data in the Response tab.
When I redo the request as a curl command, I get the whole file. I didn't change the nginx config when upgrading, and other woff fonts have loaded.
I'm at a loss!
This sounds like _when the thing is downloaded for use a font_ Firefox considers it invalid.
https://github.com/mozilla/gecko-dev/blob/57f94ca1d57ab745242daafc8926690377579b83/gfx/thebes/gfxUserFontSet.cpp#L692 is where the error is likely generated, and https://github.com/mozilla/gecko-dev/blob/57f94ca1d57ab745242daafc8926690377579b83/gfx/thebes/gfxUserFontSet.cpp#L193 is likely where it's caused.
That seems to refer to https://github.com/khaledhosny/ots, which seems to have a CLI tool to sanitize a font: https://github.com/khaledhosny/ots/blob/main/util/ots-sanitize.cc
If I have time in the evening I might try building it and running it against the font you have to see what the problem is.
@christianp also, I strongly doubt it has anything to do with cors. Font sanitization is there to protect the computer from the websites.