WordPress.org

Plugin Directory

GDPRess | Eliminate external requests to increase GDPR compliance

這個外掛並未在最新的 3 個 WordPress 主要版本上進行測試。開發者可能不再對這個外掛進行維護或提供技術支援,並可能會與更新版本的 WordPress 產生使用上的相容性問題。

GDPRess | Eliminate external requests to increase GDPR compliance

外掛說明

In January, 2022 a German court ruled that a website owner was in breach of GDPR and should pay a € 100,- fine, because embedded Google Fonts were used, essentially transferring the user’s personal data (IP address) without the user’s prior consent.

What’s embedding?

When an external (i.e. loaded from another server, besides your own) resource is embedded into a webpage, it basically means that the resource behaves as if it’s loaded from the same server hosting the webpage.

Why is using embedded resources in breach of GDPR?

Because of the way the internet works. When a browser (i.e. computer) requests a file (e.g. an image or a font file), the server needs the IP address of that computer to send it back. All these requests (including the IP address) are logged in a so-called access.log.

Once this IP address leaves the European Union, your website is violating the GDPR.

What does this plugin do?

GDPRess scans your homepage for 3rd party scripts (JS) and stylesheets (CSS), and:

  • Allows you to download or exclude them from downloading,
  • Parses the stylesheets for loaded font files, downloads them, and rewrites the stylesheet to use the local copies,
  • Makes sure the local copies of each script/stylesheet are used in your site’s frontend.

In short, it makes sure no requests are made to external/embedded/3rd party scripts and stylesheets.

螢幕擷圖

  • GDPRess’ Start screen, simply click Scan Website to start.
  • After running the initial scan, external requests are listed. Exclude a file when e.g. you suspect it might not work properly when it’s downloaded.
  • Google Analytics is automatically excluded, because simply downloading the file is not enough to use it in compliance with GDPR. Click on the link in the tooltip for more information.
  • Google Fonts is supported, but when many font families and/or font styles are detected, GDPRess will offer an alternative approach to optimize the request.
  • When the selected files are downloaded, the URLs of the local copies are listed.

安裝方式

  1. Upload the plugin files to the /wp-content/plugins/gdpr-press directory, or install the plugin through the WordPress plugins screen directly.
  2. Activate the plugin through the ‘Plugins’ screen in WordPress
  3. Use the Settings -> GDPRess screen to configure the plugin

常見問題集

Can I remove/preload stylesheets and/or scripts with this plugin?

No, because there are other plugins (like Asset Cleanup or Autoptimize) that are already excellent at that.

GDPRess downloaded a stylesheet/script, but I’m still seeing requests to font files loaded by the stylesheet?

GDPRess parses the stylesheet for defined src urls. But if it somehow missed it, I’d love to hear about that, because that might be a bug. Please head over to the support forum and submit a ticket, and include the full URL to the external stylesheet.

Will this plugin allow me to use Google Analytics in compliance with GDPR?

No, because much more is needed than just downloading analytics.js/gtag.js to your server. To use Google Analytics in compliance with GDPR, you need CAOS Pro.

使用者評論

2024 年 1 月 3 日 1 則留言
The plugin works as expected for me – even under WordPress 6.4. It’s a great addition to OMGF.I very much hope that the plugin will continue to be maintained and updated.
2023 年 6 月 28 日 1 則留言
Used it to localize Font Awesome CSS and font files. Works like a charm. Just perfect! Thank you for your hard work @daanvandenbergh
2022 年 11 月 4 日 1 則留言
Hey man, I host a page for a friend and with 3 kids and building a house, I find it hard to keep up with German legislation and keeping the page legal. The plugin you wrote solved the problem in no time and for free. Absolutely amazing. Very grateful!!!
2022 年 10 月 23 日 1 則留言
Great plugin. my Consent Tool no longer recognises external downloads from Font Awsome!!!! Wonderfully easy to install and set up
2022 年 9 月 5 日 1 則留言
Running without Theme on an Oxygen Framework and works very well. A must-have in times like these, where you getting sued because of using remote Google Fonts.
閱讀全部 9 則使用者評論

參與者及開發者

以下人員參與了開源軟體〈GDPRess | Eliminate external requests to increase GDPR compliance〉的開發相關工作。

參與者

〈GDPRess | Eliminate external requests to increase GDPR compliance〉外掛目前已有 4 個本地化語言版本。 感謝全部譯者為這個外掛做出的貢獻。

將〈GDPRess | Eliminate external requests to increase GDPR compliance〉外掛本地化為台灣繁體中文版

對開發相關資訊感興趣?

任何人均可瀏覽程式碼、查看 SVN 存放庫,或透過 RSS 訂閱開發記錄

變更記錄

1.2.3

  • Fixed: call to undefined function download_url().

1.2.2

  • Fixed: GDPRess now runs before OMGF/CAOS, so e.g. OMGF Pro can optimize previously externally hosted stylesheets.

1.2.1

  • Fixed: Protocol (//) and Root (/) relative URLs shouldn’t be interpreted as external URLs.
  • Fixed: Let CAOS/OMGF handle their files, if these plugins are active.

1.2.0

  • Added: Run a quick scan on each page to see if new external (3rd party) requests are present on that page!
  • Added: Test Mode (enabled by Default) to allow users to first test the optimizations before releasing them to the public.
  • Fixed: Don’t use WP_Filesystem to get and put file contents.

1.1.0

  • Added: Google Fonts support
    • When many Font Families or Font Styles are detected, GDPR Press will suggest to use OMGF to optimize the request before downloading it.
  • Fixed several bugs, notices and warnings.

1.0.2

  • Added: tooltip next to success message.
  • Fixed: tooltip-icon line height.

1.0.1

  • Fixed: Conflicts with several caching/optimization plugins:
    • Autoptimize
    • WP Rocket
    • W3 Total Cache
    • WP Optimize
  • Fixed: several warnings and notices.

1.0

  • First release!