https://bugs.winehq.org/show_bug.cgi?id=45160
Bug ID: 45160 Summary: Eliminate JavaScript and CDN usage from AppDB for better privacy and security of the visitors. Product: WineHQ Apps Database Version: unspecified Hardware: x86 OS: Linux Status: UNCONFIRMED Severity: normal Priority: P2 Component: appdb-unknown Assignee: wine-bugs@winehq.org Reporter: kolan_n@mail.ru Distribution: ---
There are some security and privacy issues in appdb.
0 It uses files from CDNs. You should store them locally and load them from own server. If you can't do that, please enforce their integrity with https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity . 1 It is non-functional without JavaScript even though the same functionality is achieved without using any JavaScript. For example drop-down panels are implemented in browsers as a pair of HTML tags. Drop-down menus can be implemented as css. There are lot of things that don't require any JS lines. You should really consider throwing JS part of Bootstrap into garbage and using pure HTML+CSS solution.