Many WordPress themes, including all three themes that are bundled with WordPress, make use of Google Fonts. Google Fonts is a source of tracking,
I just started looking at how to potentially fix this issue. The theme I am currently using is not one of the default themes, but like the default themes, it uses Google Fonts.
What it does (and it seems most do this), it requests a CSS file from fonts.googleapis.com. That is where at least one tracking cookie takes place.
The font that it is requesting is Libre Franklin – a free font licensed under the SIL Open Font License. That seems to be general experience with Google Fonts – virtually all of their fonts are fonts licensed under a liberal license that lets just about anyone use them for just about anything. Google is using the generosity of these font creators to monetize and track people.
First off I want to point out that in FireFox on Linux anyway, even with Google Fonts blocked the current theme looks pretty good:
FireFox on Linux is defaulting to DejaVu Sans which actually is a really nice font. Here is what it looks like in Chromium using the intended font:
It’s clearly different, and I honestly can’t say which I like better.
It’s important to note however that the font used by systems that block trackers will not always be so close to the font used by the theme, sometimes they will be quite different.
So in cases like Libre Franklin where the intended font is under a license that allows it to be served by a different party than Google without a license cost, what can we do? The themes generally seem to use the WordPress function
add_query_arg() but that function is not one of the functions in pluggable.php that can be replaced. Nor does it appear to have a callback hook.
This is something I am going to need to research a bit.
Where there’s a will, there is a way.
Create a font server on a cookieless domain, say fonts.whatever.org.
When there is a font that can legally be served without paying a license fee, like Libre Franklin, host the WOFF2 variant of the font on it as well as the needed CSS style sheet. I would only be interested in hosting the WOFF2 variant. Why? https://caniuse.com/#search=woff2 shows that virtually browser that is current supports WOFF2 and it is the most efficient web font format. Only providing WOFF2 would save a lot of space.
A plugin would then filter the
add_query_arg() function if possible, I’m sure there is a way. When
fonts.googleapi.com is the URL AND the font specified in the GET variable, then it would replace it with fonts.whatever.org so a CSS file that does not involve trackers is served.
I would unfortunately probably not be able to do this for free, the blogs that wanted to use it would have to contribute to the cost of hosting the font or the font server would send a 403 forbidden with the font requests, just a matter of cost.
The very real issue is that fonts are rather large and there are issues caused when they are not served quickly, what happens is the web page renders using a system font before the font loads and then when it does load the page “jumps” a bit providing a bad user experience, so it would need decent servers and as load grows, more than one.
I’m thinking about it though, I really am, and I will solve this issue.