-
Notifications
You must be signed in to change notification settings - Fork 9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Prevent loading resources from third party CDN #4598
Prevent loading resources from third party CDN #4598
Conversation
Remove usage of Google Fonts to avoid any data protection issue. Using a CDN will leak data to a third party that can be simply avoided by using system fonts instead. Furthermore the usage of CDNs can cause legal issues in EU countries.
I'd hate to see our pretty fonts go away, but I do recognize the weight of potential GDPR issues. As was discussed downstream, we could look at making this a configuration option (perhaps something generic like @webron, thoughts? |
The used fonts are licensed as following:
See: https://fonts.google.com/attribution Therefore the alternative of using the Google Fonts API is to bundle the fonts directly with the build of Swagger and add it to the distribution. Then no external resources are needed and still the pretty fonts can be used. |
thanks @markuspoerschke! |
swagger-ui 3.17.3 included this PR, which stopped using Google Web Fonts: swagger-api/swagger-ui#4598 ... So it's no longer necessary to load the Google Web Fonts CSS anymore.
swagger-ui 3.17.3 included this PR, which stopped using Google Web Fonts: swagger-api/swagger-ui#4598 ... So it's no longer necessary to load the Google Web Fonts CSS.
Following the change in the swagger-ui: swagger-api/swagger-ui#4598
swagger-ui 3.17.3 included this PR, which stopped using Google Web Fonts: swagger-api/swagger-ui#4598 ... So it's no longer necessary to load the Google Web Fonts CSS. (cherry picked from commit ead61ab) Conflicts: indexTemplate.html
…ger-api#4598) Remove usage of Google Fonts to avoid any data protection issue. Using a CDN will leak data to a third party that can be simply avoided by using system fonts instead. Furthermore the usage of CDNs can cause legal issues in EU countries.
Description
Motivation and Context
Checklist
My PR contains...
src/
is unmodified: changes to documentation, CI, metadata, etc.)package.json
)My changes...
Documentation
Automated tests