How to block web fonts to improve privacy
Websites that make use of text have two main options to display it. Use a font that is available on the majority of user devices or use custom web fonts, which are not installed on a user's device.
Custom web fonts, such as Google Fonts, give web designers more options when it comes to text display on websites, but they require that visitors download these fonts when they connect to the site. Caching is used, usually, to avoid that fonts are downloaded on every page visit.
For Internet users, the use of web fonts has two main disadvantages:
- Performance
- Privacy
Performance is the obvious one, as a request needs to be made to the server hosting the font to download it. While that is usually quick, it still adds to the loading time. Issues with the server may also lead to loading issues on the site. Users who are on a tight bandwidth budget or on very slow connections may benefit the most from the blocking.
Privacy is the second. Since requests are made to servers, e.g., Google servers that host the company's fonts, information such as the IP address is automatically submitted. Not all organizations that host web fonts use the information to track users, but there is always the chance that this is happening.
Google, for example, highlights the following in the terms:
The APIs are designed to help you enhance your websites and applications ("API Client(s)"). YOU AGREE THAT GOOGLE MAY MONITOR USE OF THE APIS TO ENSURE QUALITY, IMPROVE GOOGLE PRODUCTS AND SERVICES, AND VERIFY YOUR COMPLIANCE WITH THE TERMS. This monitoring may include Google accessing and using your API Client, for example to identify security issues that could affect Google or its users.
Since many sites use web fonts, widely used fonts may provide organizations with additional information about a user's activity on the Internet.
Blocking web fonts may lead to display issues on some sites. Sites that rely solely on web fonts, without having fallbacks in place, may not display correctly.
Find out if a site uses web fonts
It is relatively easy to find out if a site uses web fonts.
- Open the Developer Tools of the browser with the shortcut Ctrl-Shift-I. You find it listed in the main menu as well, usually under More Tools.
- Switch to the Network tab.
- Activate the font filter.
- Load the site in question and monitor the listing.
How to block web fonts
Web fonts can be blocked in a number of ways, depending on the browser that is used.
Firefox users may set the preferences gfx.downloadable_fonts.enabled and gfx.downloadable_fonts.woff2.enabled to false to block downloadable fonts in the browser.
The browser has another setting that may be of use. Introduced in Firefox 41, it enables Firefox to set specific fonts for visited websites.
- Load about:preferences#general in the browser's address bar to get started.
- Scroll down to the Fonts section and select the Advanced button.
- Uncheck "Allow pages to choose their own fonts, instead of your selection above". You may need to scroll the window to see the option.
- Select OK.
Users of the content blocker uBlock Origin may add a single custom line to it, to block web fonts. Open the Settings, switch to My Filters, and add the line *$font,third-party. Select Save, and you are all set. The content blocker includes an even stricter option, which blocks all remote fonts. To activate it, select "Block remote fonts" in the extension's settings. Sites that do not display correctly may be excluded from the blocking.
This blocks the use of web fonts on third-party sites only. First party sites are still allowed to load them.
Another option is to use a pre-made anti-fonts list, which you find here. Just import it into your content blocker of choice to block the majority of web fonts out there on third-party sites
Now You: how do you handle web fonts? Are you concerned about them? (via Collinmbarret)
Doesn’t Windows 8 know that www. or http:// are passe ?
Well it is a bit difficulty to distinguish between name.com domains and files for instance.
I know a service made by google that is similar to Google bookmarks.
http://www.google.com/saved
@Ashwin–Thankful you delighted my comment; who knows how many “gamers” would have disagreed!
@Martin
The comments section under this very article (3 comments) is identical to the comments section found under the following article:
https://www.ghacks.net/2023/08/15/netflix-is-testing-game-streaming-on-tvs-and-computers/
Not sure what the issue is, but have seen this issue under some other articles recently but did not report it back then.
Omg a badge!!!
Some tangible reward lmao.
It sucks that redditors are going to love the fuck out of it too.
With the cloud, there is no such thing as unlimited storage or privacy. Stop relying on these tech scums. Purchase your own hardware and develop your own solutions.
This is a certified reddit cringe moment. Hilarious how the article’s author tries to dress it up like it’s anything more than a png for doing the reddit corporation’s moderation work for free (or for bribes from companies and political groups)
Almost al unlmited services have a real limit.
And this comment is written on the dropbox article from August 25, 2023.
First comment > @ilev said on August 4, 2012 at 7:53 pm
For the God’s sake, fix the comments soon please! :[
Yes. Please. Fix the comments.
With Google Chrome, it’s only been 1,500 for some time now.
Anyone who wants to force me in such a way into buying something that I can get elsewhere for free will certainly never see a single dime from my side. I don’t even know how stupid their marketing department is to impose these limits on users instead of offering a valuable product to the paying faction. But they don’t. Even if you pay, you get something that is also available for free elsewhere.
The algorithm has also become less and less savvy in terms of e.g. English/German translations. It used to be that the bot could sort of sense what you were trying to say and put it into different colloquialisms, which was even fun because it was like, “I know what you’re trying to say here, how about…” Now it’s in parts too stupid to translate the simplest sentences correctly, and the suggestions it makes are at times as moronic as those made by Google Translations.
If this is a deep-learning AI that learns from users’ translations and the phrases they choose most often – which, by the way, is a valuable, moneys worthwhile contribution of every free user to this project: They invest their time and texts, thereby providing the necessary data for the AI to do the thing as nicely as they brag about it in the first place – alas, the more unprofessional users discovered the translator, the worse the language of this deep-learning bot has become, the greater the aggregate of linguistically illiterate users has become, and the worse the language of this deep-learning bot has become, as it now learns the drivel of every Tom, Dick and Harry out there, which is why I now get their Mickey Mouse language as suggestions: the inane language of people who can barely spell the alphabet, it seems.
And as a thank you for our time and effort in helping them and their AI learn, they’ve lowered the limit from what was once 5,000 to now 1,500…? A big “fuck off” from here for that! Not a brass farthing from me for this attitude and behaviour, not in a hundred years.