Convert fixed programmed CDN use of contrib modules or themes to local libraries

Created on 5 May 2024, 8 months ago
Updated 6 May 2024, 8 months ago

Problem/Motivation

I would be great if I could convert fixed CDN use of contrib modules into a local call to a folder where I downloaded the libraries - without having to change the code of the module/theme itself.

Is that possible?

It would in a first step also help to get a list of all detected external libraries.

Convert fixed programmed CDN use of contrib modules or themes to local libraries

Steps to reproduce

Proposed resolution

Remaining tasks

User interface changes

API changes

Data model changes

Feature request
Status

Closed: won't fix

Version

0.0

Component

Code

Created by

🇦🇹Austria maxilein

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

  • Issue created by @maxilein
  • Status changed to Closed: won't fix 8 months ago
  • I'm sorry, but this is not possible right now and I don't want to implement it.

    It would in a first step also help to get a list of all detected external libraries.

    I can imagine two ways for this list:

    1. Create log while disabling external libraries during initial load (before caching)
    2. Parse all modules and active themes on a settings page (after caching)

    I'm against 1, because I want to avoid a database write during initialization (for performance). Point 2 would require a lot of work, but could be useful. I have to think about...

    It would be great if I could convert fixed CDN use of contrib modules into a local call to a folder where I downloaded the libraries - without having to change the code of the module/theme itself.

    I'm against this option for a few reasons:

    There are modules already for library management, e. g. Libraries API or Library Manager . But I didn't test any of these modules, so I can't tell if they are compatible with this module.

    My main motivation for writing this module was to prevent the insane amount of random CSS files or jQuery sneaking into my theme. Globally disabling external libraries is only a safety measure against modules, that enable CDNs by default. If I ever want to manage or replace external libraries, I would first try one of the existing modules. If they don't work, I could write a new module named "replace_libraries", so the "disable_libraries" module won't get bloated.

    Besides that, I don't want to fix symptoms. If you use modules, that enable CDNs by default, you should open an issue and explain, why this is bad. Maybe the author just never thought about the privacy and security impacts and is willing to learn. If not, you should ask yourself, if you can trust code from authors, who don't value consent.

    For example the PhotoSwipe module version 4 enables CDNs by default (and disable_libraries disables them). Since version 5.0, it is opt-in, so they appear trustworthy.

    The webform module tells a different story. GDPR and CDN related issues are known for years and I would never recommend using it. But it is the de facto standard form builder module for Drupal and I have to use it until an alternative exists. With disable_libraries I have a safety net during this time frame.

  • 🇦🇹Austria maxilein

    Thank you for the elaborate and thoughtful answer!

Production build 0.71.5 2024