[Openfontlibrary] ccHost compression

[Dave Crossland]

2008/11/2 Brendan Ferguson <drsassafras at gmail.com>:
>>
>> (c) when any individual files are added to the typeface, create a new
>> zip that includes everything
>
> For what reason? Downloading? Is this essential or ideal?

Here is the use-case scenario that this is for:

"Mary, soccer mom and scrap book hobbyist, is searching the web for
"free fonts". She finds OFLB and wants to browse all the fonts in the
library at once, and quickly download all the files for the dozen
typeface families she thinks are cute. She sees something about how
these fonts are free as in no price, but also free as in she can
change them, and she bookmarks the site to learn more about all that
later."

More simply: A user goes to a font's page, and wants to download all
the files associated with that font - font files, font sources,
license, FONTLOG, everything. A ZIP file with everything, available
with a single click, is ideal for this.

> ..... Now. It looks as though people can fill out "tags" and also a
> "description". We will not be able to do this while decompressing. The
> Name will have to take the form of the file name.

The name is the human name for the overall collection of files, and is
not directly related to those files. The tags and description are like
that too.

The upload form has a user fill these things in when they say the
location of the first file on the disk to be uploaded, and when they
click upload then the decompression would happen.

> I guess the easiest way to work this is to make them "hidden" by
> default. Navigating to the hidden files is confusing though. A
> consistent language on the file submission, (instead of "publish now"
> one could use "hide this file". One could also rename the tab in the
> user page from "hidden" to "unpublished" or something like that.
> Additionally after a compressed file has been uploaded, a link on the
> confirmation page could be provided to the "hidden" page.

Sorry, I don't understand this, please re-explain it :-) Perhaps
explain it from the point of view of a user, as the steps they take.

> Now to the issue of allowed file types. The most secure thing to do
> would only to allow certain file types. Files such as php files should
> not be allowed. Nor should any other executable file. The
> decompression will need to check for the file types and than filter
> out the ones we do not want.

Yes.

> Have we come to some kind of decision on how the file types is gong to
> work? How are we gong to solve the problem of all the source files?
> Should we just input them all or what?

I think a exclude list is better than an include list - that is, we
should exclude files with .exe .php and so on, and include any files
not matching this ban-list.