Yasr requests scripts from google on load

[rmeissn]

I've evaluated a project (quit-store) using yasqui and yasr and noticed in the network trace of my browser that yasr requests some script (6.54kb) from google.com. This wasn't known to the project creator ( @white-gecko ) and I was surprised that yasr requests a script from google, leaking personal information of me (e.g. my position).

I'd prefer to not load scripts from google, add a flag about using something from google or not or to insert the script in yasr directly. Especially in times of GPDR this seems not to be very practical.

Call stack:

s http://localhost:8080/static/js/yasr.min.js:29:119
a/this.init http://localhost:8080/static/js/yasr.min.js:28:31004
a http://localhost:8080/static/js/yasr.min.js:29:31614
[180]</e.exports http://localhost:8080/static/js/yasr.min.js:30:6043
<anonym> http://localhost:8080/sparql:124:13

Parts of the loaded script:

google.loader.ServiceBase = 'https://www.google.com/uds';
google.loader.GoogleApisBase = 'https://ajax.googleapis.com/ajax';
google.loader.ApiKey = 'notsupplied';
google.loader.KeyVerified = true;
google.loader.LoadFailure = false;
google.loader.Secure = true;
google.loader.GoogleLocale = 'www.google.com';
google.loader.ClientLocation = {"latitude":51.3,"longitude":12.333,"address":{"city":"Leipzig","region":"Saxony","country":"Germany","country_code":"DE"}};
google.loader.AdditionalParams = '';

[LaurensRietveld]

Hi @rmeissn ,did you try the useGoogleCharts flag (see http://yasr.yasgui.org/doc/#config ) when instantiating yasr?

[white-gecko]

Thank you, yes that works.