[openstreetmap-website] Disable automatic gravatar opt-in, as it violates the privacy policy (#519)
vincentdephily
notifications at github.com
Tue Nov 5 11:00:11 UTC 2013
The [Gravatar TOS](https://secure.gravatar.com/site/terms-of-service/) mentions that third-party websites must "not copy, store or modify User Submissions". As with any TOS, it is subject to interpretation, but that item looks like it forbids caching the image. I have asked for clarifications on the [wordpress forums](http://en.forums.wordpress.com/topic/caching-gravatar-on-third-party-website-to-avoid-privacy-issues).
We could still obey the TOS by proxying the request without cacheing it, but that migth cost too much ressources ?
As for handling [cache invalidation](http://cacheinvalidation.blogspot.ie/), since this isn't a critical feature, we can simply look at the last-update-time when serving a gravatar. Fetching only once and in the background may be the tricky part, since we're rails-based ?
---
Reply to this email directly or view it on GitHub:
https://github.com/openstreetmap/openstreetmap-website/pull/519#issuecomment-27764001
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstreetmap.org/pipermail/rails-dev/attachments/20131105/770ef2c5/attachment.html>
More information about the rails-dev
mailing list