Change Details

Hello! In the Basque project [[ https://eu.wikipedia.org/wiki/Txikipedia:Azala | Txikipedia ]] we use the font-face "Gochi Hand" for making things more interesting to kids. This font is loaded in [[ https://eu.wikipedia.org/wiki/MediaWiki:Gadget-TxikipediaTab.css | MediaWiki:Gadget-TxikipediaTab.css ]] to import it from the toolserver, instead of from Google Fonts: **Previous code** ``` @import url('https://fonts.googleapis.com/css?family=Gochi+Hand'); ``` **Current code** ``` @import url(https://tools-static.wmflabs.org/fontcdn/css?family=Gochi+Hand); ``` Some weeks ago, without further notice, @Ajraddatz made a change per [[ https://meta.wikimedia.org/wiki/Steward_requests/Miscellaneous/2018-10#Please_remove_privacy_violating_site_CSS | m:SRM ]] asked by @Legoktm. Currently the only way we have to put this font (that has been decided to use in Txikipedia) is using the toolserver fontcdn tool, **because** is the only way to have fonts without information being tracked. If we can't have this call to a font in toolserver, we would need another way to have this typography deployed in our wiki, but I want to be sure that this is really a security breach before proceeding.

Hello! In the Basque project [[ https://eu.wikipedia.org/wiki/Txikipedia:Azala | Txikipedia ]] we use the font-face "Gochi Hand" for making things more interesting to kids. This font is loaded in [[ https://eu.wikipedia.org/wiki/MediaWiki:Gadget-TxikipediaTab.css | MediaWiki:Gadget-TxikipediaTab.css ]] to import it from toolforge, instead of from Google Fonts: **Previous code** ``` @import url('https://fonts.googleapis.com/css?family=Gochi+Hand'); ``` **Current code** ``` @import url(https://tools-static.wmflabs.org/fontcdn/css?family=Gochi+Hand); ``` Some weeks ago, without further notice, @Ajraddatz made a change per [[ https://meta.wikimedia.org/wiki/Steward_requests/Miscellaneous/2018-10#Please_remove_privacy_violating_site_CSS | m:SRM ]] asked by @Legoktm. Currently the only way we have to put this font (that has been decided to use in Txikipedia) is using the toolforge fontcdn tool, **because** is the only way to have fonts without information being tracked. If we can't have this call to a font in toolforge, we would need another way to have this typography deployed in our wiki, but I want to be sure that this is really a security breach before proceeding.

Hello! In the Basque project [[ https://eu.wikipedia.org/wiki/Txikipedia:Azala | Txikipedia ]] we use the font-face "Gochi Hand" for making things more interesting to kids. This font is loaded in [[ https://eu.wikipedia.org/wiki/MediaWiki:Gadget-TxikipediaTab.css | MediaWiki:Gadget-TxikipediaTab.css ]] to import it from the toolservertoolforge, instead of from Google Fonts: **Previous code** ``` @import url('https://fonts.googleapis.com/css?family=Gochi+Hand'); ``` **Current code** ``` @import url(https://tools-static.wmflabs.org/fontcdn/css?family=Gochi+Hand); ``` Some weeks ago, without further notice, @Ajraddatz made a change per [[ https://meta.wikimedia.org/wiki/Steward_requests/Miscellaneous/2018-10#Please_remove_privacy_violating_site_CSS | m:SRM ]] asked by @Legoktm. Currently the only way we have to put this font (that has been decided to use in Txikipedia) is using the toolserverforge fontcdn tool, **because** is the only way to have fonts without information being tracked. If we can't have this call to a font in toolserverforge, we would need another way to have this typography deployed in our wiki, but I want to be sure that this is really a security breach before proceeding.