Merge pull request #15504 from ethereum/cookies

pettinarip · web-flow · commit b48f2fb33244 · 2025-05-28T19:20:54.000+02:00
fix: prevent cookie transfers during external data loads
diff --git a/app/[locale]/_components/home.tsx b/app/[locale]/_components/home.tsx
@@ -651,6 +651,8 @@ const HomePage = ({
                           e.currentTarget.onerror = null
                           e.currentTarget.src = EventFallback.src
                         }}
+                        referrerPolicy="no-referrer"
+                        crossOrigin="anonymous"
                       />
                     </CardBanner>
                     <CardContent>
@@ -738,6 +740,8 @@ const HomePage = ({
                           }}
                           className="max-w-full object-cover object-center"
                           loading="lazy"
+                          referrerPolicy="no-referrer"
+                          crossOrigin="anonymous"
                         />
                       ) : (
                         <Image src={EventFallback} alt="" />
diff --git a/public/content/developers/tutorials/the-graph-fixing-web3-data-querying/index.md b/public/content/developers/tutorials/the-graph-fixing-web3-data-querying/index.md
@@ -3,14 +3,7 @@ title: "The Graph: Fixing Web3 data querying"
 description: Blockchain is like a database but without SQL. All the data is there, but no way to access it. Let me show you how to fix this with The Graph and GraphQL.
 author: Markus Waas
 lang: en
-tags:
-  [
-    "solidity",
-    "smart contracts",
-    "querying",
-    "the graph",
-    "react",
-  ]
+tags: ["solidity", "smart contracts", "querying", "the graph", "react"]
 skill: intermediate
 published: 2020-09-06
 source: soliditydeveloper.com
@@ -90,7 +83,7 @@ First let's talk about GraphQL, originally designed and implemented by Facebook.
 
 ![GraphQL API vs. REST API](./graphql.jpg)
 
-<img src="https://cdn0.scrvt.com/b095ee27d37b3d7b6b150adba9ac6ec8/42226f4816a77656/bc5c8b270798/graphql-querygif.gif" width="100%"/>
+![](./graphql-query.gif)
 
 The two images pretty much capture the essence of GraphQL. With the query on the right we can define exactly what data we want, so there we get everything in one request and nothing more than exactly what we need. A GraphQL server handles the fetching of all data required, so it is incredibly easy for the frontend consumer side to use. [This is a nice explanation](https://www.apollographql.com/blog/graphql-explained-5844742f195e/) of how exactly the server handles a query if you're interested.
 
diff --git a/src/data/placeholders/content-developers-tutorials-the-graph-fixing-web3-data-querying-data.json b/src/data/placeholders/content-developers-tutorials-the-graph-fixing-web3-data-querying-data.json
@@ -22,5 +22,9 @@
   "/content/developers/tutorials/the-graph-fixing-web3-data-querying/thegraph-explorer.png": {
     "hash": "48f6c069",
     "base64": "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAALCAIAAAD5gJpuAAAACXBIWXMAAAPoAAAD6AG1e1JrAAACJklEQVR4nAEbAuT9ABYRIRYQIhMPHRYTJA8RJwcIHwMCGAgGGwQDFwIBFAAAEwUEGAUEGAAAFAkIGw4NHwASM2EXOWwXN3ATLFxFPUZYUFNYUFNAOUNLSlpjX21oXnFJR1ZKQ1ZeWGlgVmhKQVQAP3fcSYf3S4b+M2O8rZp9u6aCvKeEno17087V7//31frsyMTIx667/8rg/9Hjxa25ADNmuD96yjx6zSdVmYl6ZX9yWG1fR3NoW6uor3G/o0G1jJWjpKqKn9KIp9Rckad8lAA2W4pCZpQpWIoXP2lhV055bl1cUT5JPDh6goVZn4ZooIt3fH6EX3WthpWhZH14UGgAGB1IKy5YJCpTEBc9LCwuLzczLTozKiovQTxJTE5RQkRINzFASkRPYFBZVEtOQjhGACd8Vi6LXDCPXR5lT0ooPZlDSpMmR0cbQYKBk6edqqWbqId/kEpBXjEiQTQlQ1NFYABT3nJh/Xpl/4BBt2nGXUr/eVf/glG8UlS9ub1zb2h9e3O/u76jlKZkn5JymY+llKUAO6ldQLRhQrddLYpQqnx2u2KByGdIqlVUTUlTFxcWGBgVUUxUQ0JWM5RyMHxcNi1CAC1+UESWYSl/PhlaOH9xbZ51cY1WZmIlNmRjaD88OSQjH09ITy4tPTpdUR08MBURIAARPi0ZSzQSRy8IListGSFJKiVFJicoFSVCQExHQUZIRUhCPEkaEiUeKy0aICUaECI8o7+y+wRmBAAAAABJRU5ErkJggg=="
+  },
+  "/content/developers/tutorials/the-graph-fixing-web3-data-querying/graphql-query.gif": {
+    "hash": "15d03461",
+    "base64": "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAMCAYAAABr5z2BAAAACXBIWXMAAAPoAAAD6AG1e1JrAAABAklEQVR4nGMwM7f4LyUl9V9SknSsoKj0n8HG2vZ/c3Pz/3nz5v6fOnUK0XjevNn/i4qK/jNMmTL1f2Zm5n8PD4//pIKjR4/9Z+jt7fs/f/78/wkJCf+/fv1KNAaBfXv3/WfIysr6/+DBfZJtR3EBCMBMJdmAoqLi/9evX/t/9uyZ/8ePHft/5MgRovC5c+f+z5wx8z9DT0/P/6XLV4Hx9evX/7979+7/z+8//3/79u3/j+/fCbtg/vwF/7fv3PNfTc/0/9p16/9Pau3531xW+z/Yxfd/aXr+/xfPnhP2wuvXr+GCINvRQxuvAdOmTSct5NANaGlpAwbIBaIDDzkQQd4HAMXFfREF8kXGAAAAAElFTkSuQmCC"
   }
 }
diff --git a/src/lib/api/fetchRSS.ts b/src/lib/api/fetchRSS.ts
@@ -130,7 +130,10 @@ export const fetchRSS = async (xmlUrl: string | string[]) => {
  */
 export const fetchXml = async (url: string) => {
   try {
-    const response = await fetch(url)
+    const response = await fetch(url, {
+      headers: { Cookie: "", DNT: "1" }, // Empty cookie header and do-not-track
+      credentials: "omit", // Don't send or receive cookies
+    })
     const xml = await response.text()
     let returnObject: Record<string, unknown> = {}
     parseString(xml, (err, result) => {

Original file line number	Diff line number	Diff line change
`@@ -22,5 +22,9 @@`
`22`	`22`	`"/content/developers/tutorials/the-graph-fixing-web3-data-querying/thegraph-explorer.png": {`
`23`	`23`	`"hash": "48f6c069",`
`24`	`24`	"base64": "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAALCAIAAAD5gJpuAAAACXBIWXMAAAPoAAAD6AG1e1JrAAACJklEQVR4nAEbAuT9ABYRIRYQIhMPHRYTJA8RJwcIHwMCGAgGGwQDFwIBFAAAEwUEGAUEGAAAFAkIGw4NHwASM2EXOWwXN3ATLFxFPUZYUFNYUFNAOUNLSlpjX21oXnFJR1ZKQ1ZeWGlgVmhKQVQAP3fcSYf3S4b+M2O8rZp9u6aCvKeEno17087V7//31frsyMTIx667/8rg/9Hjxa25ADNmuD96yjx6zSdVmYl6ZX9yWG1fR3NoW6uor3G/o0G1jJWjpKqKn9KIp9Rckad8lAA2W4pCZpQpWIoXP2lhV055bl1cUT5JPDh6goVZn4ZooIt3fH6EX3WthpWhZH14UGgAGB1IKy5YJCpTEBc9LCwuLzczLTozKiovQTxJTE5RQkRINzFASkRPYFBZVEtOQjhGACd8Vi6LXDCPXR5lT0ooPZlDSpMmR0cbQYKBk6edqqWbqId/kEpBXjEiQTQlQ1NFYABT3nJh/Xpl/4BBt2nGXUr/eVf/glG8UlS9ub1zb2h9e3O/u76jlKZkn5JymY+llKUAO6ldQLRhQrddLYpQqnx2u2KByGdIqlVUTUlTFxcWGBgVUUxUQ0JWM5RyMHxcNi1CAC1+UESWYSl/PhlaOH9xbZ51cY1WZmIlNmRjaD88OSQjH09ITy4tPTpdUR08MBURIAARPi0ZSzQSRy8IListGSFJKiVFJicoFSVCQExHQUZIRUhCPEkaEiUeKy0aICUaECI8o7+y+wRmBAAAAABJRU5ErkJggg=="
	`25`	`+ },`
	`26`	`+ "/content/developers/tutorials/the-graph-fixing-web3-data-querying/graphql-query.gif": {`
	`27`	`+ "hash": "15d03461",`
	`28`	`+ "base64": "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAMCAYAAABr5z2BAAAACXBIWXMAAAPoAAAD6AG1e1JrAAABAklEQVR4nGMwM7f4LyUl9V9SknSsoKj0n8HG2vZ/c3Pz/3nz5v6fOnUK0XjevNn/i4qK/jNMmTL1f2Zm5n8PD4//pIKjR4/9Z+jt7fs/f/78/wkJCf+/fv1KNAaBfXv3/WfIysr6/+DBfZJtR3EBCMBMJdmAoqLi/9evX/t/9uyZ/8ePHft/5MgRovC5c+f+z5wx8z9DT0/P/6XLV4Hx9evX/7979+7/z+8//3/79u3/j+/fCbtg/vwF/7fv3PNfTc/0/9p16/9Pau3531xW+z/Yxfd/aXr+/xfPnhP2wuvXr+GCINvRQxuvAdOmTSct5NANaGlpAwbIBaIDDzkQQd4HAMXFfREF8kXGAAAAAElFTkSuQmCC"`
`25`	`29`	`}`
`26`	`30`	`}`