Nostr Web Client

Did you know Google Fonts is installed on approximately 111,579,992 websites, with around 50,103,810 of those currently live?

Did you also know if you visit a site that uses Google Fonts, it automatically collects user:

- IP address: Which identifies your device on the internet (as of 2022, Google stopped storing users' IP addresses, but they still collect this information).

- User agent: Information about your browser and operating system.

- Referer: The URL of the webpage you are visiting.

...and is therefore "out-of-the-box" in violation of GDPR law?

If you are a website visitor:

You can block 3rd party fonts (web fonts) with uBlock Origin.

1. Open uBlock Origin's dashboard.

2. Go to the "My filters" tab.

3. Add the following line to block Google Fonts:

*$font,third-party

4. Click "Apply changes" to save the filter rule.

There is an even stricter option that blocks ALL remote fonts (not just Google Fonts) that you can activate by selecting "Block remote fonts" in the extension's settings.

*Sites that do not display properly can be excluded from the block.

If you are a website owner:

You can protect your visitors' privacy by hosting your own fonts locally (on the same server as your web pages), using basic OS fonts, or checking out Bunny.

If you haven't heard of Bunny CDN, they offer the only fully GDPR-compliant fonts powered by a CDN as a drop-in replacement for Google fonts.

According to Bunny:

"Bunny Fonts is an open-source, privacy-first web font platform designed to put privacy back into the internet.

With a zero-tracking and no-logging policy, Bunny Fonts helps you stay fully GDPR compliant and puts your users' personal data into their own hands."

https://bunny.net/fonts/

As a side note: Bunny CDN also has one of the most transparent, easy-to-read and understand privacy and data policy pages I have ever seen.

Well done Bunny, well done.

https://bunny.net/privacy/

cloud fodder 1y ago

is there a way to see if google fonts got included in my fancypants nextjs compile or if its tracking? #lazyweb should i look in ublock origin? its supposed to bundle it in but i duno for sure.

Reply to this note

Please Login to reply.

Discussion

Ava 1y ago

There are a few of ways:

1. You can inspect the HTML by running your compile in a web browser, open the developer tools, go to the network tab, reload the page and look for (fonts.googleapis.com) or (fonts.gstatic.com) *without the parenthesis*

2. Check the code by looking into your _document.js or _app.js files for any tags that reference Google Fonts

3. Review your CSS files for any (@import) *without the parenthesis* for any statements that include Google Fonts.

And yes, you can also use uBlock Origin to check for Google fonts as well.

Go to the web page of your (Next.js) application in your browser and open uBlock Origin's Logger. Reload the page and watch for any requests made to (fonts.googleapis.com) or (fonts.gstatic.com). These are the domains used by Google Fonts to serve fornt files.

It's also worth noting that (Next.js) has a built-in feature that automatically optimizes and self-hosts Google Fonts. When you include Google Fonts using the next/font/google import, the fonts are downloaded and served from the same domain as your deployment, eleminating requests to Google's servers.

Let me know how you go :)

cloud fodder 1y ago

marked safe from google font tracking i believe. checked network tab, pretty clean.

next/font ftw

Ava 1y ago

Awesome 🤙

nobody 1y ago

Bunny is awesome. It’s where I’ve been migrating everything from Cloudflare.

CaqKa 1y ago

If i put this two domains into pi-hole i should achieve same result network wide?

I assume ublock solution is only on the level of the browser.