nekocave.xyz
at least somebody cares:
A regional court in the German city of Munich has ordered a website operator to pay €100 in damages for transferring a user's personal data — i.e., IP address — to Google via the search giant's Fonts library without the individual's consent.The unauthorized disclosure of the plaintiff's IP address by the unnamed website to Google constitutes a contravention of the user's privacy rights, the court said, adding the website operator could theoretically combine the gathered information with other third-party data to identify the "persons behind the IP address."
Maybe it is time to get away from #googlefonts as well.
I reported this to my bank that used google fonts in their telebank site. for quite long time they did not understand the risks of data leakage on secure operations, but I wrote them again and again and they finally removed the links.
I wonder how it will go further.
It is normal practice for websites to link to each other and hotlink/embed external resources. Sometimes it can't be controlled (e.g. some forums/comments/etc. allow inserting external images).
Is it all going to become violations now as any external service can collect request data?
if you want external link - refer it as explicit external link, possibly with warning that user leaves your site. this is the best practice.
How about CDN?
Also define external. Is another subdomain external? How about another domain you own? How people are supposed to check?
@jonatasbaldin Static HTML\XML or plain text - good idea :)
Small, fast, crossplatform, secure
Yep, it is possible.
However the result won't be liked by the most people.
It is. If something isn't liked by target audience it will fail.
Again look at any modern web store. It typically has search with autocomplete, dynamic loading of items, various filters, shopping cart with dynamic total updating, etc.
Do any of these without JS. Yes, it is doable. But most likely it will be hard to implement. not convenient to use and probably ugly as well.
I doubt any project manager ever says: hey guys, we need at least ten scripts on every page! What they say are things like: this form has to check if the phone number is in correct format and warn if not.
In my opinion tools are tools. I always find it suspicious when people try to idolize or demonize tools. Some tools are good, some are not so much but it all depends on purpose.
JS is misused a lot but it has its uses as well. Maybe we need better scripting language for the web pages. As for nefarious uses of JS - this is what has to be resisted, not the technology itself.
I don't think JS implies misuse, it rather lacks control. In fact it is not even JS that lacks control but browsers themselves. And yes, it is not easy to fix, especially for generic users.
Myself I'd like to see some alternative which supports sandboxing and permission control by design. Also I'd like to see far less use of JS in general. But I don't think it is realistic to expect people to just drop it.