Cookie

Caution


This article was published more than a year ago, there may have been developments.
Please take this into account.

Today (after more than five months) I get to write on the blog. And back at breakneck speed with an article to 007 that will make your hair stand on end users WordPress.

I discovered today that the version in WordPress 3.8 (Today we are 4.0) has been enabled by default in the backend the Open Sans font. In fact I had already noticed little slow in loading the backend, but I thought it was due to the new “engine” ie WordPress, instead is due to direct inclusion of a branded Google webfont.

On his private blog in January this year, Developer Wolfgang Wiese (alias xwolf) wrote an interesting article about the side effects of using Google webfont in the WordPress backend (in tedesco).

The following lines of code that can be found in any WordPress installation:

<link rel='stylesheet' id='open-sans-css' href='//fonts.googleapis.com/css?Family = Open   Sense: 300italic, 400italic, 600italic, 300,400,600&subset=latin,latin-ext&ver=3.8' type='text/css' media='all' />

The developers of WordPress, motivate post “Open-sans, building vs. linking” the decision to link the font without including. Basically it is like a hotlink to the service of Google not to burden the download of WordPress. Looking at the comments, however, it is not uncommon to find those who disagree with the decision, everyone is talking about privacy.

Why should not I use a font linked to my backend? Well, the reason there is not one:

  • privacy and security – Google know which pages loads,
  • local development or production,
  • availability of Google services – in some countries the access is limited to Google,
  • support for multiple languages – Google fonts do not always support the special characters from some language,
  • (as mentioned before,) performance – to Google's server a request comes loaded on every page.

Wolfgang Wiese gives us the solution not to rely fonts hosted by Google via a plugin, but what is the problem in “nutshell”?

The problem is provide Google Inc.. (a publicly traded company whose primary business is the trade data) information that tends to not want to share, or at least there is a chance that someone does not want to share them. User access can be monitored from Google getting even the’header connection. Tramite i cookie Google “understand” the user has an Administrator account or editor of a given site, or have relations with that particular site.

Unfortunately, Google can not control whether access has been made by mobile. But thanks to the cookie ID, and data unique to Google, you can “see” if someone logged in on a site or if the site is queried. If the account at the end makes a call to another site that allows Google to obtain personal data (example G the YouTube), then Google will be able to cross them and know who owns that account.

In his post Wolfgang sarcastically thanked the design team to provide WordPress your personal data Google in return for a minimal gain in performance. He can not fathom why the designers wanted to include the Google webfont without thinking twice, exposing and exposing users first-person in privacy issues, and what? Why Google webfont are beautiful, simple download of WordPress would be lighter? Or why others do the same?

Anche Wolfgang crea temi, plug-in and developed his personal CMS, knows very well how small it was an effort not to link the webfont. There is also to say that Google webfont are not “all the evil in the world“, You can also use lightly, but any user should consciously use them and have the opportunity to decide whether or not to use. Wolfgang believed to be lack of desire or lack of competence of the designers or sviluppagori, it would be enough to write a few lines to create a small section “Theme Options“.

Not enough?


TheJoe

I keep this blog as a hobby by 2009. I am passionate about graphic, technology, software Open Source. Among my articles will be easy to find music, and some personal thoughts, but I prefer the direct line of the blog mainly to technology. For more information contact me.

1 Comment

daniele · 20 December 2015 at 8:43 PM

fully agree!

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.