• lambalicious@lemmy.sdf.org
    link
    fedilink
    English
    arrow-up
    0
    arrow-down
    1
    ·
    6 months ago

    And no, it wasn’t just the favicons feature that was removed (which like … is that really such a big privacy issue that you need to remove it from the binary?)

    Fetching a favicon means raising a network connection with a predictable endpoint. That’s already three concerns (four on the modern internet) to handle security-wise, and it’s absolutely an unneeded feature. Favicons could just be shipped on something like keepassxc-data or keepassxc-contrib to handle locally, no need to raise a network call.