<p>A Plug that fetches favicon images from DuckDuckGo and returns them
to the Plausible frontend.</p><p>The proxying is there so we can reduce the number of third-party domains that
the browser clients need to connect to. Our goal is to have 0 third-party domain
connections on the website for privacy reasons.</p><p>This module also maps between categorized sources and their respective URLs for favicons.
What does that mean exactly? During ingestion we use <a href="PlausibleWeb.RefInspector.html#parse/1"><code class="inline">PlausibleWeb.RefInspector.parse/1</code></a> to
categorize our referrer sources like so:</p><p>google.com -> Google
google.co.uk -> Google
google.com.au -> Google</p><p>So when we show Google as a source in the dashboard, the request to this plug will come as:
<a href="https://plausible.io/favicon/sources/Google">https://plausible.io/favicon/sources/Google</a></p><p>Now, when we want to show a favicon for Google, we need to convert Google -> google.com or
some other hostname owned by Google:
<a href="https://icons.duckduckgo.com/ip3/google.com.ico">https://icons.duckduckgo.com/ip3/google.com.ico</a></p><p>The mapping from source category -> source hostname is stored in "priv/referer_favicon_domains.json" and
managed by <a href="Mix.Tasks.GenerateReferrerFavicons.html#run/1"><code class="inline">Mix.Tasks.GenerateReferrerFavicons.run/1</code></a>.</p>
<p>Proxies the HTTP request to the DuckDuckGo favicon service. Swallows hop-by-hop HTTP
headers that should not be forwarded, as defined in <a href="https://www.rfc-editor.org/rfc/rfc2616#section-13.5.1">RFC 2616</a>.</p><h2 id="call/2-placeholder" class="section-heading">Placeholder</h2>
<p>Cases where we show a placeholder icon instead:</p><ol><li>In case of a network error to DuckDuckGo</li><li>In case of a non-2xx status code from DuckDuckGo</li><li>In case of a broken image response body from DuckDuckGo</li></ol><p>I'm not sure why DDG sometimes returns a broken PNG image in their response,
but we filter that out. When the icon request fails, we show a placeholder
favicon instead. The placeholder is an emoji from
<a href="https://favicon.io/emoji-favicons/">https://favicon.io/emoji-favicons/</a>.</p><p>The DuckDuckGo favicon service has some issues with <a href="https://css-tricks.com/svg-favicons-and-all-the-fun-things-we-can-do-with-them/">SVG favicons</a>.
For some reason, they return them with <code class="inline">content-type=image/x-icon</code> whereas SVG
icons should be returned with <code class="inline">content-type=image/svg+xml</code>. This Plug detects
when the response body starts with <code class="inline">&lt;svg</code> and will override the <code class="inline">Content-Type</code>
to correct it.</p><h2 id="call/2-preventing-xss-vulnerabilities" class="section-heading">Preventing XSS vulnerabilities</h2>
<p>SVGs may contain <code class="inline">&lt;script&gt;</code> tags, and as these SVGs come from external
sources, we need to prevent untrusted code from running in the browser.</p><ul><li><p>This Plug sets a strict <code class="inline">Content-Security-Policy</code> header telling the browser
not to run scripts.</p></li><li><p>This Plug sets <code class="inline">Content-Disposition=attachment</code> to prevent the SVG from
rendering when navigating to <code class="inline">/favicon/sources/:domain</code> directly.</p></li><li><p>Browsers do not execute scripts in images loaded through <code class="inline">&lt;img&gt;</code> tags, therefore it is safe to
use <code class="inline">&lt;img src="https://plausible.io/favicon/sources/dummy.site"&gt;&lt;/img&gt;</code>.</p></li></ul>
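<p>The response handling described above (placeholder fallback, hop-by-hop header stripping, SVG content-type correction and the XSS-related headers), sketched in plain Elixir as an added example that is not Plausible's own code. The module and function names, the exact <code class="inline">Content-Security-Policy</code> value and the empty-body "broken image" check are assumptions; the upstream responses at the bottom are constructed.</p>

```elixir
defmodule FaviconResponseSketch do
  # Hypothetical module: models the decisions only, without Plug or an HTTP client.

  # Hop-by-hop headers listed in RFC 2616 section 13.5.1.
  @hop_by_hop ~w(connection keep-alive proxy-authenticate proxy-authorization
                 te trailers transfer-encoding upgrade)

  # Assumed values: the page names these headers but not their exact contents.
  @security_headers [
    {"content-security-policy", "script-src 'none'"},
    {"content-disposition", "attachment"}
  ]

  @doc "Returns :placeholder or {:ok, headers, body} for an upstream result."
  def build({:error, _reason}), do: :placeholder
  def build({:ok, %{status: status}}) when status not in 200..299, do: :placeholder

  def build({:ok, %{headers: headers, body: body}}) do
    if broken?(body) do
      :placeholder
    else
      forwarded =
        headers
        |> Enum.map(fn {name, value} -> {String.downcase(name), value} end)
        |> Enum.reject(fn {name, _value} -> name in @hop_by_hop end)
        |> fix_svg_content_type(body)

      # Our security headers replace any same-named header sent by the upstream.
      {:ok, Enum.reduce(@security_headers, forwarded, &put_header/2), body}
    end
  end

  # Stand-in check (assumption): an empty body counts as a broken image.
  defp broken?(body), do: body == ""

  # Upstream labels SVG bodies image/x-icon; relabel when the body starts with "<svg".
  defp fix_svg_content_type(headers, "<svg" <> _rest),
    do: put_header({"content-type", "image/svg+xml"}, headers)

  defp fix_svg_content_type(headers, _body), do: headers

  defp put_header({name, value}, headers),
    do: List.keystore(headers, name, 0, {name, value})
end

# Constructed upstream responses, for illustration only.
svg = ~s(<svg xmlns="http://www.w3.org/2000/svg"></svg>)
headers = [{"Content-Type", "image/x-icon"}, {"Connection", "keep-alive"}]
IO.inspect(FaviconResponseSketch.build({:ok, %{status: 200, headers: headers, body: svg}}))
IO.inspect(FaviconResponseSketch.build({:ok, %{status: 404, headers: [], body: ""}}))
IO.inspect(FaviconResponseSketch.build({:error, :timeout}))
```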
</section>
</section>
<section class="detail" id="init/1">
<div class="detail-header">
<a href="#init/1" class="detail-link" title="Link to this function">