| 开发者 | kipphard |
|---|---|
| 更新时间 | 2026年7月10日 21:22 |
| PHP版本: | 7.4 及以上 |
| WordPress版本: | 7.0 |
| 版权: | GPLv2 or later |
| 版权网址: | 版权信息 |
<link> tags and @import rules — see the FAQ for the WordPress 6.9 requirement), disable WordPress emoji scripts (removes the s.w.org request), replace Gravatar with a local SVG placeholderkipphard-gdpr-webfonts folder to /wp-content/plugins/, or install it from the Plugins screen in your WordPress admin.No. This is an audit tool, not a compliance overlay. It shows you which external requests your site makes and provides recommendations, but the actual work — hosting fonts locally, obtaining consent, replacing services — has to be done by you or your development team. When in doubt, consult a data-protection professional or lawyer.
All of them: the scan covers your homepage plus every published page and post. Very large sites are capped at 200 URLs per run — a performance safeguard, not a feature limit.
No. The plugin fetches your own URLs internally over HTTP and analyses the returned HTML locally. No data is transferred to any third party.
The plugin analyses the HTML that your server delivers on initial load. Requests triggered later by JavaScript (for example on scroll or click) are not visible in the static HTML and are therefore not detected. For a complete picture, also check your browser's Network tab.
Removing a font reference that a theme has hard-coded into its templates, or written as an @import rule inside a <style> block, means rewriting the finished HTML page. WordPress 6.9 introduced a standard way for plugins to do that — the template enhancement output buffer — and this plugin uses it rather than opening an output buffer of its own, which is unreliable when several plugins do it at once.
On WordPress 6.4 to 6.8 the quick fix still removes Google Fonts stylesheets that were enqueued through WordPress (the common case) and the preconnect / dns-prefetch hints. Hard-coded <link> tags and @import rules are left in place; the scan report continues to list them so you can remove them from your theme by hand.
On 20 January 2022 the Munich Regional Court I (LG München I, Az. 3 O 17493/20) ruled that embedding Google Fonts without visitor consent violates the GDPR, because the visitor's IP address is transmitted to Google servers in the USA without a legal basis. This plugin flags that risk and lets you remove the external requests entirely.
Make sure your site is reachable from itself — no "coming soon" mode, no HTTP authentication. The plugin fetches your own URLs internally over HTTP. Also verify that the PHP dom and libxml extensions are available on your server.