#3655 closed enhancement (fixed)
Remove twitter, facebook, google plus and quantserve scripts from https://wordpress.org footer
Reported by: | allendav | Owned by: | SergeyBiryukov |
---|---|---|---|
Milestone: | Priority: | high | |
Component: | General | Keywords: | |
Cc: |
Description (last modified by )
The twitter and facebook buttons in the page footer are flagged by some privacy extensions like ghostery as poor for user privacy. Let's replace the script powered buttons with plain buttons to those social media services.
To reproduce: Open https://wordpress.org/about/privacy/ incognito with the ghostery extension active.
Attachments (2)
Change History (54)
This ticket was mentioned in Slack in #core-privacy by allendav. View the logs.
6 years ago
#3
@
6 years ago
Hi @Otto42 - I respectfully disagree. They are trackers.
That said, we should be able to replace those third party like and tweet buttons with links that still allow our users to like and tweet the page AND preserve our users' privacy.
Also, when Safari for iOS 12 and Mohave releases this fall, user of that browser will be prompted about this: https://www.cnet.com/news/new-safari-privacy-features-on-macos-mojave-and-ios-12-crack-down-on-nosy-websites/
This ticket was mentioned in Slack in #meta by tellyworth. View the logs.
6 years ago
#6
follow-up:
↓ 9
@
6 years ago
The Jetpack sharing buttons explicitly do not use the standard version of these buttons and so should not be subject to any tracking. Needs some customization to add them to a different part of the page, but should be easy enough: https://jetpack.com/support/sharing/
#7
follow-up:
↓ 8
@
6 years ago
I think it is pretty disingenuous to only make this change for https://wordpress.org/about/privacy/
If a potential user of WordPress reads that page and are satisfied by what they read there to then visit a different page on w.org and have an entirely different privacy experience is misleading IMHO.
#8
in reply to:
↑ 7
@
6 years ago
Replying to netweb:
I think it is pretty disingenuous to only make this change for https://wordpress.org/about/privacy/
If a potential user of WordPress reads that page and are satisfied by what they read there to then visit a different page on w.org and have an entirely different privacy experience is misleading IMHO.
I completely agree. When I wrote the issue I was just thinking about the privacy page - a consistent privacy experience (at least with respect to third party scripts like these) from page to page (and site to site) would be much better.
#9
in reply to:
↑ 6
@
6 years ago
Replying to gibrown:
The Jetpack sharing buttons explicitly do not use the standard version of these buttons and so should not be subject to any tracking. Needs some customization to add them to a different part of the page, but should be easy enough: https://jetpack.com/support/sharing/
Hey @gibrown
You mean when Jetpack Sharing is set to use "Icon & Text", "Icon Only" or "Text Only" right? If a user uses the "Official Buttons" setting then those buttons are tracked by Facebook, etc.
#10
@
6 years ago
Yep, that's what I mean. We won't have the counts anymore, but would still have the buttons.
This ticket was mentioned in Slack in #meta by tellyworth. View the logs.
6 years ago
#12
@
6 years ago
To clarify: in Icon Only mode and similar, the buttons will all still function as before right, other than the count display?
#13
@
6 years ago
As far as trackers, with Firefox Tracking Protection on, I get notices for both Twitter and Facebook widgets on WordPress.org footer. My vote would be to remove and replace with static images or text.
I would actually vote to remove Facebook altogether, but that's a whole other thing.
Also, quantserve is another tracker that probably should be removed, but at least provides a smidge of value if we care about popularity.
#14
@
6 years ago
Is there any good reason to embed FB/Twitter JavaScript on the site, instead of just using "intent" links? I've always preferred intent links because they're simpler, don't take up extra bandwidth, have zero memory footprint, don't rely on external services, etc.
I'm not aware of any compelling benefit of actually embedding the third-party scripts.
#15
@
6 years ago
- Summary changed from Could we not run twitter, facebook and google plus trackers on https://wordpress.org/about/privacy/ please to Remove twitter, facebook and google plus scripts from https://wordpress.org/about/privacy/
#16
@
6 years ago
@mkaz wrote
Also, quantserve is another tracker that probably should be removed, but at least provides a smidge of value if we care about popularity.
How can I figure out who added / uses that so I can chat with them?
#17
@
6 years ago
@iandunn wrote:
Is there any good reason to embed FB/Twitter JavaScript on the site, instead of just using "intent" links? I've always preferred intent links because they're simpler, don't take up extra bandwidth, have zero memory footprint, don't rely on external services, etc.
By "intent" links do you mean the plain vanilla, do-not-incorporate-third-party-scripts, "Icon & Text", "Icon Only" or "Text Only" style links?
The downside is we lose that little "X people liked this" count for the service - the upside is our users' privacy is preserved and users that want to can still like/tweet the page.
#18
@
6 years ago
Yeah, that's what I meant. Personally, I don't see much value in the "X people..." bit. Everybody knows we power 31% of the web, no need to brag about it.
This ticket was mentioned in Slack in #meta by allendav. View the logs.
6 years ago
#21
@
6 years ago
Thought this chat sounded familiar, just wanted to flag this was raised in #core-privacy on Oct 22nd so am happy to see the dicussion continue.
Original post flagging these in Slack #core-privacy - https://wordpress.slack.com/archives/C9695RJBW/p1540223792000100
#22
@
6 years ago
- Summary changed from Remove twitter, facebook and google plus scripts from https://wordpress.org/about/privacy/ to Remove twitter, facebook, google plus and quantserve scripts from https://wordpress.org footer
Tweaked ticket title to include quantserve and remove page specificity so it's known it affects the footer on the entire WP.org network.
This ticket was mentioned in Slack in #meta by allendav. View the logs.
6 years ago
#26
@
6 years ago
Matt has approved it: "yeah you can kill quantcast, and fine with the buttons being switched to something that loads faster / doesn’t call remote"
This ticket was mentioned in Slack in #core-privacy by webdevlaw. View the logs.
6 years ago
#30
@
6 years ago
- Keywords needs-patch added
Thanks everyone for their work on this. I'm glad we were able to get Quantcast removed. After discussion in #core-privacy it seems the next steps are replacing the Twitter/Facebook Follow/Like iFrames with static versions. As such I updated this ticket to needs-patch
to denote there's further work to be done.
#31
follow-up:
↓ 32
@
6 years ago
AFAIK there is no way to get the FB "Like" functionality without the tracking. Two things we can do:
- Embed a static image and simply link to the FB page, or
- add a working "Share" button.
#32
in reply to:
↑ 31
@
6 years ago
Replying to pputzer:
AFAIK there is no way to get the FB "Like" functionality without the tracking. Two things we can do:
- Embed a static image and simply link to the FB page, or
- add a working "Share" button.
Thanks @pputzer. For reference, here's the slack discussion - https://wordpress.slack.com/archives/C9695RJBW/p1549047578654000?thread_ts=1549038800.604700&cid=C9695RJBW
IMHO I feel just the static icon w/ link would suffice.
#33
@
6 years ago
For Twitter's "Follow" button, it should be possible via their "intent" API: https://twitter.com/intent/follow/?screen_name=@wordpress
#34
@
6 years ago
Discussing this on #core-privacy further it would make the most sense to simply replace with social icons that link to the social communities as currently the purpose of those iframes are to promote those communities and get users to follow/like them. The other option was replace with static sharer links but that doesn't feel appropriate as we're not promoting users to share the current page.
The links to be used;
Twitter - https://twitter.com/WordPress
Facebook - https://www.facebook.com/WordPress/
For icons unless a designer has a better idea, the dashicons already on site can be used for this;
.dashicons-twitter
.dashicons-facebook
Let me know if you require further direction.
Thanks
#35
@
6 years ago
I suggest we use this URL for the Twitter link - it preserves the existing semantics of the "Follow" button (and, unlike the version I posted earlier, it is independent of any future changes to the display name of the WordPress Twitter account):
https://twitter.com/intent/follow/?user_id=685513
Using the intent handler will ensure a smoother UX on mobile devices because it's handled by their native apps. More information on the Twitter Web Intents API.
This ticket was mentioned in Slack in #meta by pepe. View the logs.
6 years ago
#37
@
6 years ago
As per comment:34, here's how the links would look like with Dashicons: 3655.png.
Haven't found any pages where Dashicons are not loaded, should be good to go.
The code in the screenshot, for reference:
<ul> <li><span class="dashicons dashicons-twitter"></span><a href="https://twitter.com/WordPress" title="Follow @WordPress on Twitter">@WordPress</a></li> <li><span class="dashicons dashicons-facebook"></span><a href="https://www.facebook.com/WordPress/" title="Like WordPress on Facebook">WordPress</a></li> </ul>
#39
@
6 years ago
Note: Trac footer, as seen in sites/trunk/trac.wordpress.org/templates/wporg-footer.html, doesn't have these links/buttons for some reason, whereas all the other links are the same. Not sure if that's intentional or an oversight.
#40
@
6 years ago
- Keywords needs-patch removed
- Resolution set to fixed
- Status changed from accepted to closed
Fixed in [dotorg14838].
This ticket was mentioned in Slack in #core-privacy by pepe. View the logs.
6 years ago
#44
follow-up:
↓ 45
@
6 years ago
THANKS @SergeyBiryukov you're a rockstar.
That works nicely and happy to hear the dashicons worked out.
One minor note the Trac footer seems to have a slight display issue dropping the links into a new row. See screenshot I just uploaded.
Cheers
#45
in reply to:
↑ 44
;
follow-up:
↓ 46
@
6 years ago
Replying to garrett-eclipse:
One minor note the Trac footer seems to have a slight display issue dropping the links into a new row. See screenshot I just uploaded.
Thanks! The CSS change in [8303] was correct, it's just that it wasn't fully deployed, probably because the version bump in [8304] followed too quickly. A second version bump in [8314] appears to have fixed it.
#46
in reply to:
↑ 45
@
6 years ago
Replying to SergeyBiryukov:
Replying to garrett-eclipse:
One minor note the Trac footer seems to have a slight display issue dropping the links into a new row. See screenshot I just uploaded.
Thanks! The CSS change in [8303] was correct, it's just that it wasn't fully deployed, probably because the version bump in [8304] followed too quickly. A second version bump in [8314] appears to have fixed it.
Awesome thanks @SergeyBiryukov I can confirm it's looking correct now. Appreciate you tackling that.
#47
@
6 years ago
Related - #4216
I opened a ticket to clean up the Cookie Policy now that Quantcast has been removed form WP.org
#49
@
6 years ago
Related - #4227
*There's some custom .dashicons css on the download page that affected the footer. I've uploaded a patch for it on the above mentioned ticket.
We don't run "trackers" on that page, we run the various like and tweet buttons in the footer of every page on WordPress.org.
So, if you want to get into a discussion about removing them from the footer, then you'd do best to not refer to them as "trackers" since not everybody agrees with you on the privacy implications of such buttons.
That includes me, and because of your wording, my vote for this ticket is -1.