No joke: Cloudflare takes aim at Google fonts with ROFL

Cloudflare wants formatted text to flow faster into browsers, so has taken on Google with a webby font-delivery offering.

The content-delivery-network-and-more biz has two beefs with Google Fonts - one of which is that it's needlessly chatty.

In Cloudflare's telling, Google Fonts uses a cascading style sheet that resides at but stores font files at

"This separation results in a minimum of four round trips to the third-party servers for each resource request," wrote Cloudflare product chap Mat Bullock and software engineering manager William Woodhead. "These round trips are DNS lookup, socket connection establishment, TLS negotiation (for HTTPS), and the final round trip for the actual resource request. Ultimately, getting a font from Google servers to a browser requires eight round trips."

All that back and forth adds up to 150ms of page load time to a WordPress site, the pair wrote.

Their second beef is privacy. While the post acknowledges that Google doesn't collect info about font usage for ads or to set cookies, the pair note that the font-gathering interactions with the Big G means it can potentially collect IP addresses, user agents, details of the referrer page, and could measure how often each IP makes requests to Google.

"Any time you can prevent sharing your end user's personal data unnecessarily is a win for privacy," they wrote.

In what readers may not consider a colossal surprise, Cloudflare has addressed its own gripes.

The biz has challenged chattiness with an approach that sees it transmit fonts over the same HTTP/2 or HTTP/3 connection used to deliver other page resources. It's also done away with the CSS request.

"To achieve both the home-routing of font requests and the removal of the CSS request, we rewrite the HTML as it passes through Cloudflare's global network. The CSS response is embedded, and font URL transformations are performed within the embedded CSS," the post explains.

This approach is made possible by a tech Cloudflare calls ""ROFL" - the Response Overseer for FL.

The FL stands for Front Line - part of a framework called Cf-html that Cloudflare uses to parse HTML. As detailed in a February 2023 post, Cf-html had security challenges that saw Cloudflare re-work it, using Rust.

In the latest post, Bullock and Woodhead declare "ROFL paved the way for the development of Cloudflare Fonts."

The new service comes online in October. Sadly, Cloudflare's post doesn't specify a date, nor mention cost.

Also on Monday, Cloudflare announced it will start delivering incident reports to its customers, over an API and an RSS feed. NetAdmins can also choose to have the info piped into services like PagerDuty, or sent as boring old email. ®

About Us
Website HardCracked provides softwares, patches, cracks and keygens. If you have software or keygens to share, feel free to submit it to us here. Also you may contact us if you have software that needs to be removed from our website. Thanks for use our service!
IT News
Dec 9
Microsoft to intro dedicated mode for Cloud PCs

Latest Insider Build brings new features for Windows 365 Boot

Dec 8
What are you feeding your AI?

Commissioned AI is changing the world, but your AI algorithms might need a diet of high-quality data captured at the edge

Dec 8
A tailored approach to GenAI

Webinar How using Retrieval Augmented Generation can enhance your AI development and deployment

Dec 8
Messed up metadata could be to blame for Microsoft's Windows printer woes

It looks like everything is coming up HP. Do you want some help with that?

Dec 8
Microsoft's relationship with OpenAI now in competition regulator's sights

Has recent CEO, board shenanigans given rise to a merger situation? CMA is asking for a friend

Dec 8
Systemd 255 is here with improved UKI support

This is release 0b11111111 (0xFF) - what could possibly go wrong?

Dec 8
Meta trials Purple Llama project for AI developers to test safety risks in models

Security boosted and inappropriate content blocked in large language models