Language file for FormBuilder is loaded from CDN #217
Comments
|
Yeah, I can see the value on have all the downloads in-house but, honestly I don't see it as a big deal. Can you elaborate why is not GDPR friendly? It is not using cookies or moving data in any sense... |
|
Not sure how detailed I should be, do you know about the Schrems II judgement? Since IP adress is PII, even a minimal service such as a CDN can be used to track people and we know since Snowden that the US government does that in a systematic way. So all these services are forbidden if they are owned by a US-based company according to GDPR: Google Fonts, Cloudflare, etc... |
|
Hello, seems there is a config to load language files from local. I guess we could add the files in the public directory and define the formbuilder config i18n.location. |
I'm sure it isn't much difficult to do this. PRs welcomed! |
|
Happy to send it, but I'm unsure where to add these |
Describe the bug
For each page load of the platform (starting with the homepage), a call is made to the following address:
https://cdn.jsdelivr.net/npm/[email protected]/en-US.langIt seems to come from this line of code.
To Reproduce
Steps to reproduce the behavior:
Expected behavior
This is an issue as with most CDN since they load their files from servers in third countries and are almost always American companies. In this specific case, my test returned Cloudflare and California. So not GDPR-friendly.
If needed, this file should be loaded from the server. It's only 3kb. It might also be an error since I'm not sure that specific file is needed at all time.
More info (please complete the following information):
The text was updated successfully, but these errors were encountered: