Page MenuHomePhabricator
Create Task
Maniphest T168786

Monumental imports css from fonts.googleapis.com
Closed, ResolvedPublic
Actions

Description

While loading monumental I noticed some things being loaded from fonts.googleapis.com in https://tools.wmflabs.org/monumental/assets/bundle.min.js?v=17.05.02 . I'm pretty sure the Toollabs/WMF privacy policy doesn't allow that. I've been digging through the documentation and can't find the actual page explaining it. I'm pretty sure somewhere in Toollabs we have a place to host the standard static javascript / css things so you can use them without violating any privacy policies.

Related Objects
Search...

Event Timeline

Multichill created this task.Jun 25 2017, 10:08 AM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptJun 25 2017, 10:08 AM
zhuyifei1999 added projects: Privacy, Toolforge, Monumental.Jun 25 2017, 10:11 AM
zhuyifei1999 removed subscribers: Privacy, Toolforge, Monumental.
Restricted Application added a project: Cloud-Services. · View Herald TranscriptJun 25 2017, 10:11 AM
zhuyifei1999 subscribed.Jun 25 2017, 10:14 AM

FWIW, a reverse proxy to fonts.googleapis.com is/was being worked on in T110027: Create a fonts CDN for use on Tool Labs, but currently stuck in code review.

Multichill added a comment.Jun 25 2017, 10:34 AM

Thanks, https://tools.wmflabs.org/cdnjs/ , that was the url I was looking for

Ricordisamoa added a parent task: T103934: Convert all Toolforge tools to use cdnjs for static libraries and fonts.Jun 25 2017, 10:37 AM
Yarl claimed this task.Jul 5 2017, 9:45 AM
zhuyifei1999 edited parent tasks, added: T172065: Hunt for Toolforge tools that load resources from third party sites; removed: T103934: Convert all Toolforge tools to use cdnjs for static libraries and fonts.Aug 2 2017, 4:40 PM
zhuyifei1999 added a subtask: T110027: Create a fonts CDN for use on Tool Labs.
zhuyifei1999 removed a subtask: T110027: Create a fonts CDN for use on Tool Labs.Aug 3 2017, 2:59 PM
zhuyifei1999 removed projects: Toolforge, Cloud-Services.
Liuxinyu970226 added a subscriber: MahmoudHashemi.Aug 9 2017, 4:09 AM
Liuxinyu970226 added a subscriber: Slaporte.
zhuyifei1999 mentioned this in T172065: Hunt for Toolforge tools that load resources from third party sites.Aug 11 2017, 1:47 AM
Yarl moved this task from Backlog to In-progress on the Monumental board.Sep 6 2017, 12:53 PM
Yarl closed this task as Resolved.Sep 6 2017, 9:54 PM
Yarl moved this task from In-progress to Done on the Monumental board.

Fix deployed today.

sbassett moved this task from Intake to Done on the Privacy board.Oct 16 2019, 5:34 PM
sbassett triaged this task as Medium priority.Oct 16 2019, 5:40 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits