Privacy-preserving embedding of Tweets

Embedding tweets with the usual setup is a bit annoying. You end up using Twitter’s JavaScript, which takes a while to render the content. You probably have to do the GDPR dance for your users too (I honestly don’t know the details), since it’s possible they include cookies / trackers, etc.

I made a “simpler” version which uses a preprocessor and Hugo Shortcodes to embed tweets as images. It’s easy to use while writing, the preprocessor generates images using Chrome / Puppeteer as needed. The images are hosted in the site’s static directory, and use whatever optimizations you have in place. The image includes a rough fetch timestamp to give a sense of when it was taken (regarding reactions, etc).

Sample tweet


View tweet

Full code is on Github.

Using the default embeds

This uses the standard Twitter shortcode in Hugo:

This won’t work on my site here, because the content security policy is pretty strict, so it’s kinda awkward to show:

Refused to load the script ‘https://platform.twitter.com/widgets.js’ because it violates the following Content Security Policy directive: “script-src https://cdnjs.cloudflare.com ‘unsafe-inline’”. Note that ‘script-src-elem’ was not explicitly set, so ‘script-src’ is used as a fallback.

Comments / questions

There's currently no commenting functionality here. If you'd like to comment, please use Twitter and @me there. Thanks!

Tweet about this - and/or - search for latest comments / top comments

Related pages