[Bug 45160] New: Eliminate JavaScript and CDN usage from AppDB for better privacy and security of the visitors.
wine-bugs at winehq.org
wine-bugs at winehq.org
Wed May 9 11:11:17 CDT 2018
https://bugs.winehq.org/show_bug.cgi?id=45160
Bug ID: 45160
Summary: Eliminate JavaScript and CDN usage from AppDB for
better privacy and security of the visitors.
Product: WineHQ Apps Database
Version: unspecified
Hardware: x86
OS: Linux
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: appdb-unknown
Assignee: wine-bugs at winehq.org
Reporter: kolan_n at mail.ru
Distribution: ---
There are some security and privacy issues in appdb.
0 It uses files from CDNs. You should store them locally and load them from own
server. If you can't do that, please enforce their integrity with
https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity .
1 It is non-functional without JavaScript even though the same functionality is
achieved without using any JavaScript. For example drop-down panels are
implemented in browsers as a pair of HTML tags. Drop-down menus can be
implemented as css. There are lot of things that don't require any JS lines.
You should really consider throwing JS part of Bootstrap into garbage and using
pure HTML+CSS solution.
--
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.
More information about the wine-bugs
mailing list