Mastodawn

Jens Oliver Meiert Dec 9, 2024

Do you embed resources (scripts, fonts, multimedia) from third parties and their servers? (CDNs that you use—upload to—excluded.)

Please respond depending on where you’re based (or, if you largely develop for an organization, where that org is based).

♽ Reshare appreciated to get a better picture. Cheers!

#embedcode #thirdparty #privacy

Based in EU 🇪🇺: yes

13.1%

Based in EU 🇪🇺: no, self-hosting

55.8%

Not based in EU: yes

9.7%

Not based in EU: no, self-hosting

21.4%

Poll ended at Dec 12, 2024 at 11:26pm.

Show thread

Jens Oliver Meiert Dec 13, 2024

Thanks to all contributors!

More data would be even better, but it seems there *is* a marked difference between web dev behavior in and outside of the EU.

Personally, I like the awareness the GDPR brought, not to load anything and everything from other servers. So convenient—but also so irresponsible.

Beyond privacy, I recall how at Google, third-party embedding was always prohibited—for security reasons. It’s interesting this still isn’t a more popular concern.

#embedcode #privacy #security

Show thread

Lippe

@j9t I guess sometimes it's helpful for convincing the higher-ups when there is a pricelabel a.k.a. highly likely fine (read: GDPR) attached to a needed change and not "just" some possibly bad actor taking over some third-party-script (read: security)...