search

grantmcdermott / quarto-revealjs-clean

A minimalist and elegant presentation theme for Quarto Reveal.js
https://grantmcdermott.com/quarto-revealjs-clean-demo/template.html
MIT License
230 stars 37 forks source link

Avoid Google Fonts import? #7

Closed grantmcdermott closed 10 months ago

grantmcdermott commented 10 months ago

I recently ran into a security issue/policy at work, due to calling Google Font's external CDN.

Attacker who has already compromised the CDN can replace the resource to malicious code which will affect the security of web application

Seems highly unlikely with Google Fonts, but probably just easier to avoid the import for others in a similar situation.

grantmcdermott commented 10 months ago

(Would also have the minor upside of slightly faster rendering times.)