Cookie Into the (open) source


Google Webfont: dentro la talpa WordPress

Today (after more than five months) I get to write on the blog. And back at breakneck speed with an article to 007 that will make your hair stand on end users WordPress.

I discovered today that the version in WordPress 3.8 (Today we are 4.0) has been enabled by default in the backend the Open Sans font. In fact I had already noticed little slow in loading the backend, but I thought it was due to the new "engine" ie WordPress, instead is due to direct inclusion of a branded Google webfont.

On his private blog in January this year, Developer Wolfgang Wiese (alias xwolf) wrote an interesting article about side effects from the use of webfont Google in the backend of WordPress (in tedesco).

The following lines of code that can be found in any WordPress installation:

<link rel='stylesheet' id='open-sans-css' href='// = Open   Sense: 300italic, 400italic, 600italic, 300,400,600&subset=latin,latin-ext&ver=3.8' type='text/css' media='all' />

The developers of WordPress, motivate post "Open-sans, building vs. linking" the decision to link the font without including. Basically it is like a hotlink to the service of Google not to burden the download of WordPress. Looking at the comments, however, it is not uncommon to find those who disagree with the decision, everyone is talking about privacy.

Why should not I use a font linked to my backend? Well, reason there is not a single:

  • privacy and security - Google know which pages loads,
  • local development or production,
  • availability of Google services - in some countries, access is limited to Google,
  • support for multiple languages - Google fonts do not always support the special characters from some language,
  • (as mentioned before,) performance - to Google's server a request comes loaded on every page.

Wolfgang Wiese gives us the solution not to rely fonts hosted by Google via a plugin, but what is the problem in "nutshell"?

The problem is provide Google Inc.. (a publicly traded company whose primary business is the trade data) information that tends to not want to share, or at least there is a chance that someone does not want to share. User access can be tracked with Google getting even the 'header connection. Tramite i cookie Google "understand" the user has an account director or editor of a given site, or have relations with that particular site.

Unfortunately, Google can not control whether access has been made by mobile. But thanks to the cookie ID, and data unique to Google, you can "see" if someone logged in on a site or if the site is queried. If the account at the end makes a call to another site that allows Google to get personal information (example G the YouTube), We will then cross them and know who owns that account.

In his post Wolfgang sarcastically thanked the design team to provide WordPress your personal data Google in return for a minimal gain in performance. He can not fathom why the designers wanted to include the Google webfont without thinking twice, exposing and exposing users first-person in privacy issues, and what? Why Google webfont are beautiful, simple download of WordPress would be lighter? Or why others do the same?

Anche Wolfgang crea temi, plug-in and developed his personal CMS, knows very well how small it was an effort not to link the webfont. There is also to say that Google is not webfont "all the evil in the world", You can also use lightly, but any user should consciously use them and have the opportunity to decide whether or not to use. Wolfgang believed to be lack of desire or lack of competence of the designers or sviluppagori, it would be enough to write a few lines to create a small section "Theme Options".


I keep this blog as a hobby by 2009. I am passionate about graphic, technology, software Open Source.

Among my articles will be easy to find music, and some personal thoughts, but I prefer the direct line of the blog mainly to technology.

For more information contact me.

Comments (1) Trackbacks (0)

Leave a comment

No trackbacks yet.