
Remove security and privacy issue Gravatar

Open Rotzbua opened this issue 3 years ago • 2 comments

Current reason

Gravatar is not a reliable service. There was a data leak where more than 100 million(!!) emails were leaked.

References:

  • https://monitor.firefox.com/breach-details/Gravatar
  • https://haveibeenpwned.com/

Gravatar is a security risk and privacy issue. It should be removed or disabled by default in my opinion.

Other reasons

  • It also causes problems when users want to use new security features such as CSP.
  • In offline mode it causes display errors. #1335
  • May violate data protection laws or policies, which must additionally be evaluated by the user.
  • Requested years ago #650

Reference to main grav repository

https://github.com/getgrav/grav/issues/3491

Rotzbua avatar Dec 08 '21 00:12 Rotzbua

I left a comment in the PR with a bunch of change requests to make your PR valid. However, like I mentioned, I'm failing to see how this can be considered a security and/or privacy concern, considering the only way you can see this Gravatar is if you are logged in.

No one outside of the Admin can access the Gravatar and anyone within the admin, that can see the Gravatar, can already see the email address, so there really isn't a privacy concern considering the email is already there out in the wild.

That said, I like the idea of this being an opt-in solution and I gave you some directions in the PR because what you have right now can't really work.

Cheers

w00fz avatar Feb 04 '22 18:02 w00fz
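An added example (not code from the Grav admin plugin or from either commenter) that makes the two technical points of this thread concrete: how a Gravatar image URL is derived from the account email, why the hash embedded in that URL is not a secret, and what an opt-in fallback plus a CSP `img-src` check look like. The Gravatar derivation (trim, lowercase, MD5 hex) is Gravatar's published scheme; the local fallback path, the site origin and the sample emails are constructed placeholders.

```python
import hashlib
from typing import Iterable, Optional
from urllib.parse import urlencode, urlsplit

GRAVATAR_BASE = "https://www.gravatar.com/avatar/"
# Constructed placeholder for a locally served fallback image (path is an assumption).
LOCAL_AVATAR = "/user/plugins/admin/themes/grav/images/avatar.png"


def gravatar_hash(email: str) -> str:
    """Gravatar's published derivation: trim whitespace, lowercase, MD5 hex digest."""
    return hashlib.md5(email.strip().lower().encode("utf-8")).hexdigest()


def gravatar_url(email: str, size: int = 80, default: str = "mp") -> str:
    """The third-party URL an <img src> would point at; the admin's browser fetches it."""
    return GRAVATAR_BASE + gravatar_hash(email) + "?" + urlencode({"s": size, "d": default})


def recover_email(hash_hex: str, candidates: Iterable[str]) -> Optional[str]:
    """Reverse a Gravatar hash by trial: MD5 of a low-entropy, guessable input is not a secret,
    so anyone who sees the URL (the third party, a proxy, a log) can test email guesses."""
    for cand in candidates:
        if gravatar_hash(cand) == hash_hex:
            return cand
    return None


def avatar_src(email: str, gravatar_enabled: bool = False) -> str:
    """Opt-in behaviour: emit the third-party URL only when explicitly enabled,
    otherwise serve a local image (also works offline and needs no extra CSP source)."""
    if gravatar_enabled:
        return gravatar_url(email)
    return LOCAL_AVATAR


def csp_allows_image(policy: str, src: str, site_origin: str) -> bool:
    """Minimal check of whether an <img src> is permitted by a Content-Security-Policy
    header: uses img-src, falling back to default-src, and matches origin-level sources."""
    directives = {}
    for part in policy.split(";"):
        tokens = part.split()
        if tokens:
            directives[tokens[0].lower()] = tokens[1:]
    sources = directives.get("img-src", directives.get("default-src", []))
    if src.startswith("/"):
        target = site_origin            # relative URL resolves to the site itself
    else:
        parts = urlsplit(src)
        target = f"{parts.scheme}://{parts.netloc}"
    for source in sources:
        if source == "*":
            return True
        if source == "'self'" and target.lower() == site_origin.lower():
            return True
        if source.lower() == target.lower():
            return True
        if source.endswith(":") and target.lower().startswith(source.lower()):
            return True                 # scheme-only source such as "https:"
    return False


if __name__ == "__main__":
    # Constructed sample data.
    site = "https://cms.example"
    email = "Admin@Example.com "
    url = gravatar_url(email)
    print("third-party URL:", url)
    print("recovered from hash:", recover_email(gravatar_hash(email),
          ["root@example.com", "admin@example.com", "webmaster@example.com"]))
    strict = "default-src 'self'"
    print("strict CSP allows Gravatar?", csp_allows_image(strict, url, site))
    print("strict CSP allows local avatar?", csp_allows_image(strict, avatar_src(email), site))
```

The `recover_email` trial is what turns "the admin can already see the email" into a third-party exposure: the party serving the image receives the hash, the admin's IP and the referring admin URL, and the hash is reversible by guessing. The `avatar_src` default keeps the admin page self-contained under a `default-src 'self'` policy; enabling Gravatar requires adding `https://www.gravatar.com` to `img-src`.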

this is crazy - this issue goes back at least 6 years and the default is still to use a "free" data-harvesting, privacy-disrespecting 3rd party service to generate a useless image???

this says a lot about the lack of ethics of the developer(s) responsible for this nonsense

atomGit avatar Jan 20 '23 00:01 atomGit