Closed philshem closed 5 years ago
jgthms
commented
5 years ago Ah, I actually didn't know! It's apparently created by Cloudflare automatically, but not by me for sure.
I set up Cloudflare to speed up the website, and also because GitHub Pages did not support https at the time. It seems they do now, so we might not need Cloudflare anymore.
My1
commented
5 years ago now THAT cookie is fun. depending on the headers the client sends along this can actually be used for tracking (even if CF randomizes the cookie for every domain, the domain the image is from is always bulma.io.)
@philshem just download the image. even without cookies with IPv6 depending on how devices handle it enough tracking is possible, it's better to just host it yourself.
philshem
commented
5 years ago Thanks for looking into it. I would normally download the image and host it myself, but I'm using a theme for python pelican called Bulrush that is pointing to that badge. I'm trying to not change the theme at all, for a couple reasons (so that I can always simply use pip install bulrush, and because the html templates are not part of the hosted repository branch). I know neither of those reasons are related to this repository, but I just wanted to bring the cookie to your attention, and I don't expect Bulma to change their host because of this cookie.
(I've also opened the issue at Bulrush, which would be a much faster fix.)
jgthms
commented
5 years ago If you can't host the image, I'd recommend uploading the one you want on a service like Imgur, or even a S3 bucket if you have that. This would circumvent the cookie.
philshem
commented
5 years ago If you can't host the image, I'd recommend uploading the one you want on a service like Imgur, or even a S3 bucket if you have that. This would circumvent the cookie.
It's more an issue of using a static content generating package that is linking to the bulma.io hosted image. I can change my own code, but if I change that theme's static template, I have to include that static template in my webpage code repository, so that travis-ci to get the fixed template.
This is about Bulma.
Overview of the problem
This is a really minor "problem", but linking to the Bulma badges is leaving a cookie from Cloudflare.
For those of us going for a 100% cookie-free and no-tracking website, it would be cool to host the badges without
Description
The request to bulma.io for this image:
Is leaving the cookie "cfduid" on the browser of website visitors:
This cookie is from CloudFlare and is not for tracking, and is for determining unique users with a common IP. It's been discussed here.
(also posted here)
Is it possible to host an image hosted on a site that doesn't leave a cookie?