templates/postorius/base.html embeds remote JS from commercial CDN (privacy breach)
Seems like templates/postorius/base.html
links to two remote JS files from a commercial CDN (maxcdn.com):
<!-- HTML5 shim and Respond.js for IE8 support of HTML5 elements and media queries -->
<!-- WARNING: Respond.js doesn't work if you view the page via file:// -->
<!--[if lt IE 9]>
<script src="https://oss.maxcdn.com/html5shiv/3.7.2/html5shiv.min.js"></script>
<script src="https://oss.maxcdn.com/respond/1.4.2/respond.min.js"></script>
<![endif]-->
I suggest to ship these two JS files within Postorius instead. Both are open source:
I consider linking JS/CSS files from commercial CDNs a severe privacy breach and strongly suggest to not do so per default in open source web applications, especially if they're developed under the umbrella of GNU, an organization highly appreciated for campaining for digital user rights.