Hi @ov3rfly,
Thanks for contacting us and sharing the information on Web fonts,
We are checking it from our end and will get back to you shortly.
Regards,
Support- team
This is very very bad for GDPR regulations, and there is now more than 2 months this very BIG problem has been reported to you @filemanagersupport. I use Pro version with dark theme, the manager connect to google to import fonts family=Noto+Sans.
Regards.
-
This reply was modified 2 years, 2 months ago by
wplike75.
Hi @wplike75,
Thanks for letting us know about the font vulnerability. And, we are aware of GDPR compliances.
We are in the process to fix this issue and will release a new updated version of the plugin with the fix. We will be grateful for your patience with us.
Regards,
Support team
Hi @ov3rfly,
Thanks for staying patient with us.
We have fixed the issue that you have highlighted and removed the hardcore Google Fonts External links from our plugin structure, A new version of the plugin 7.1.7 has been released with the fix, Kindly update your current version to the latest.
Please get back to us if you still need assistance.
Warm regards,
Support team
Thanks for feedback, the above mentioned issue is solved with 7.1.7.
A quick search in plugin files reveals some more hardcoded external hosted Google webfonts:
lib/codemirror/mode/factor/index.html
<link href='http://fonts.googleapis.com/css?family=Droid+Sans+Mono' rel='stylesheet' type='text/css'>
lib/codemirror/mode/forth/index.html
<link href='http://fonts.googleapis.com/css?family=Droid+Sans+Mono' rel='stylesheet' type='text/css'>
lib/codemirror/mode/vb/index.html
<link href="http://fonts.googleapis.com/css?family=Inconsolata" rel="stylesheet" type="text/css">
lib/themes/light/css/theme.css
@import url('//fonts.googleapis.com/css?family=Open+Sans:300');
lib/themes/windows - 10/css/theme.css
@import url('//fonts.googleapis.com/css?family=Open+Sans:300');
Did not test further how/where these files are used, you might want to remove the hardcoded links there as well.
File Manager 7.1.7
