#3329 - Gravatar integration

By Chris Graham
Added 10th Aug 2017, 6:40 PM
4 views

Identifier	#3329
Issue type	Feature request or suggestion
Title	Gravatar integration
Status	Completed
Tags	Good for training (custom)
Handling member	Chris Graham
Addon	core_cns
Description	Automatically pull in gravatar's if available. I didn't want us to do this initially, but it seems gravatar has become a successful standard.
Steps to reproduce
Funded?	No

The system will post a comment when this issue is modified (e.g., status changes). To be notified of this, click "Enable comment notifications".

Rating

Unrated

Comments

By Guest posted 15th Mar 2021, 4:50 PM

This is now being implemented, behind an option that defaults off. Obviously we're extremely late to the party, but I think this is a common 'standard' we should have.

Gravatar works via an md5 hash of a user's email address. Exposing this to visitors is a security risk. So we will go through a local proxy script to get the gravatar. This also stops tracking. The privacy policy automatically will mention gravatar, if enabled, as there's still a privacy concern.

Gravatars will only show if no local avatar is set.

What is nice now is that Composr is tracking our external dependencies carefully, and in a maintainable way, and with unit testing where possible. So while in the past I was against adding external dependencies willy-nilly, this is no longer a concern.