[Bug 45160] New: Eliminate JavaScript and CDN usage from AppDB for better privacy and security of the visitors.

[wine-bugs at winehq.org]

https://bugs.winehq.org/show_bug.cgi?id=45160

            Bug ID: 45160
           Summary: Eliminate JavaScript and CDN usage from AppDB for
                    better privacy and security of the visitors.
           Product: WineHQ Apps Database
           Version: unspecified
          Hardware: x86
                OS: Linux
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: appdb-unknown
          Assignee: wine-bugs at winehq.org
          Reporter: kolan_n at mail.ru
      Distribution: ---

There are some security and privacy issues in appdb.

0 It uses files from CDNs. You should store them locally and load them from own
server. If you can't do that, please enforce their integrity with
https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity .
1 It is non-functional without JavaScript even though the same functionality is
achieved without using any JavaScript. For example drop-down panels are
implemented in browsers as a pair of HTML tags. Drop-down menus can be
implemented as css. There are lot of things that don't require any JS lines.
You should really consider throwing JS part of Bootstrap into garbage and using
pure HTML+CSS solution.

-- 
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.