Michael Orlitzky posted on Sat, 28 Feb 2015 06:52:55 -0500 as excerpted: > (The webfonts might be useful for clients, by the way. If they're not > installed locally, your browser downloads them on-demand and caches them > for later use.)
Well, unless the user tells it not to, of course. =:^) (That's the TL;DR version, too.) Firefox, RequestPolicy extension, set to disallow connection to domains (including fonts.google.com or whatever that common one is) other than the one directly browsed to, unless they've been specifically allowed from browsed domain to other-domain (or either one has been allowed globally). Rather effective anti-tracker, anti-malware and ad-blocker, altho it does take some time to get all your normally needed alloweds set so normally browsed-to sites "just work" for the most part. With youtube now switching to html5 video by default, for instance, with quite a few video- feed domains and with many videos two-levels deep, it took a few hours of youtubing to get nearly all the first-level-video-server domains allowed from youtube, but I'm still hitting blocks on the first-level-to-second- level permissions from time to time, and having to allow them as they come up. But all that facebook and twitter tracking due to those nearly ubiquitous icons... just doesn't track... since I don't allow it globally and am pretty strict about allowing it per-site as well. (Actually, as I seldom use those site and don't have accounts, and have actually followed links to say twitter only a few times and facebook possibly never, I basically don't allow it at all, but the general person who /does/ use them could simply be very selective about permanent alloweds and use temporary alloweds only when they actually want to use that functionality.) Back on-topic, most web-fonts don't get downloaded either, since they're from some third party site. I normally get the broken-character square instead, but most of the time functionality is obvious. Basically like noscript, but for general third-party connections, not just scripts, etc. Tho with both on (plus others like disconnect), a user often has to enable a site in multiple places to actually have it allowed. Which is good; defense in depth and all! =:^) Tho doing anything new on the web or browsing to a new site and getting it to work does tend to take me a bit longer than most, since I have to figure out what I have to turn on to get it to work, and what I can leave off as it's just tracking/ads/otherwise-unnecessary, does take a bit longer than it would if I were simply running around naked with everything hanging out to the world, as so many apparently choose to be, online if not IRL. -- Duncan - List replies preferred. No HTML msgs. "Every nonfree program has a lord, a master -- and if you use the program, he is your master." Richard Stallman
