Page MenuHomePhabricator

Monumental imports css from fonts.googleapis.com
Closed, ResolvedPublic

Description

While loading monumental I noticed some things being loaded from fonts.googleapis.com in https://tools.wmflabs.org/monumental/assets/bundle.min.js?v=17.05.02 . I'm pretty sure the Toollabs/WMF privacy policy doesn't allow that. I've been digging through the documentation and can't find the actual page explaining it. I'm pretty sure somewhere in Toollabs we have a place to host the standard static javascript / css things so you can use them without violating any privacy policies.

Event Timeline

Restricted Application added a subscriber: Aklapper. · View Herald TranscriptJun 25 2017, 10:08 AM
Restricted Application added a project: Cloud-Services. · View Herald TranscriptJun 25 2017, 10:11 AM

FWIW, a reverse proxy to fonts.googleapis.com is/was being worked on in T110027: Create a fonts CDN for use on Tool Labs, but currently stuck in code review.

Thanks, https://tools.wmflabs.org/cdnjs/ , that was the url I was looking for

Yarl claimed this task.Jul 5 2017, 9:45 AM
Yarl moved this task from Backlog to In-progress on the Monumental board.Sep 6 2017, 12:53 PM
Yarl closed this task as Resolved.Sep 6 2017, 9:54 PM
Yarl moved this task from In-progress to Done on the Monumental board.

Fix deployed today.