Third Party Requests to Google Fonts #5883
Labels
frontend
The Docusaurus app serving the docs site
needs-discussion
A consensus is needed to move forward
self-hosting
Discussion, problems, features, and documentation related to self-hosting Shields
Comments
calebcartwright
added
frontend
SISheogorath
added a commit
to SISheogorath/shields
that referenced
this issue
Mar 16, 2021
This patch uses the fontsource libraries instead of using Google Fonts in order to provide the fonts in the frontend. This way the web frontend becomes more private, since it no longer shared visitors IPs with Google and might even loads faster since modern web browsers isolate site caches from each other and can re-use connections with HTTP/2 instead of setting up a new connection to Google.[1] It's basically the next iteration of my previous PR[2], that no longer relies on a tool to download the fonts separately, but uses a library instead. It also relates to issues that have been opened before[3] and should be easily handled and upgraded by the regular NPM package tooling[4], solving all related problems to that. [1]: https://csswizardry.com/2019/05/self-host-your-static-assets/ [2]: badges#4864 [3]: badges#5883 [4]: https://github.com/badges/shields/labels/dependencies
SISheogorath
added a commit
to SISheogorath/shields
that referenced
this issue
Mar 16, 2021
This patch uses the fontsource libraries instead of using Google Fonts in order to provide the fonts in the frontend. This way the web frontend becomes more private, since it no longer shared visitors IPs with Google and might even loads faster since modern web browsers isolate site caches from each other and can re-use connections with HTTP/2 instead of setting up a new connection to Google.[1] It's basically the next iteration of my previous PR[2], that no longer relies on a tool to download the fonts separately, but uses a library instead. It also relates to issues that have been opened before[3] and should be easily handled and upgraded by the regular NPM package tooling[4], solving all related problems to that. [1]: https://csswizardry.com/2019/05/self-host-your-static-assets/ [2]: badges#4864 [3]: badges#5883 [4]: https://github.com/badges/shields/labels/dependencies
|
I just added a new version of my previous PR that resolves the fonts using NPM packages instead of manually maintaining the fonts inside the project. I hope this will help to resolve the situation. |
PyvesB
pushed a commit
that referenced
this issue
Mar 16, 2021
This patch uses the fontsource libraries instead of using Google Fonts in order to provide the fonts in the frontend. This way the web frontend becomes more private, since it no longer shared visitors IPs with Google and might even loads faster since modern web browsers isolate site caches from each other and can re-use connections with HTTP/2 instead of setting up a new connection to Google.[1] It's basically the next iteration of my previous PR[2], that no longer relies on a tool to download the fonts separately, but uses a library instead. It also relates to issues that have been opened before[3] and should be easily handled and upgraded by the regular NPM package tooling[4], solving all related problems to that. [1]: https://csswizardry.com/2019/05/self-host-your-static-assets/ [2]: #4864 [3]: #5883 [4]: https://github.com/badges/shields/labels/dependencies
|
Aforementioned pull request is now live on our servers, thanks again @SISheogorath for the contribution and @samuel-p for raising the issue. Do let us know if you have any further concerns by opening a new issue, for now I'll close this one. 😉 |
# for free
to join this conversation on GitHub.
Already have an account?
# to comment
📋 Description
At the moment shields does third party requests to Google. CDNs are bad from a privacy and security perspective. So please replace them completely with self-hosted files or at least provide an option to disable it for self-hosted instances. You can download the fonts from google-webfonts-helper if you want to self-host it.
https://webbkoll.dataskydd.net/en/results?url=http%3A%2F%2Fshields.io%2F#requests
The text was updated successfully, but these errors were encountered: