Hello Team, we have identified an issue using the Unfold template related to external resources being loaded via a CDN. This is problematic for us from a GDPR/data protection perspective, as connections to third-party servers are established.

In the browser DevTools (Network tab), we see the following external requests via cdn.jsdelivr.net:

1. https://cdn.jsdelivr.net/npm/[email protected]/dist/gsap.min.js

For both files, the initiator is shown as “script”, meaning the scripts are embedded directly in the HTML and not loaded dynamically.

Based on our analysis, these resources appear to be added in the template’s index.php, likely via the following code: php $theme->head(); $theme->loadFontAwesome(); $theme->add_js('main.js'); $document->addScript('https://cdn.jsdelivr.net/npm/[email protected]/dist/gsap.min.js'); $document->addScript('https://cdn.jsdelivr.net/npm/[email protected]/dist/ScrollTrigger.min.js');

Problem

When we try to disable or remove these external scripts via an override, the entire layout/design breaks, which suggests that the template relies on GSAP/ScrollTrigger for its functionality and animations.

Our questions

1. Is there a template option in Unfold to disable loading GSAP/ScrollTrigger via CDN (or disable them entirely) without breaking the layout?
2. If GSAP/ScrollTrigger are required by the template, is there an official way to self-host these libraries locally and configure the template accordingly?
3. Additionally, we would like to continue using *Font Awesome, but *not via a CDN. Is there a supported way to load Font Awesome locally (e.g. from template assets or the Joomla media folder) instead of using $theme->loadFontAwesome()?

We would appreciate guidance or best practices on how to replace or disable these external CDN resources in a GDPR-compliant way without negatively affecting the template’s design or functionality.

Thank you very much for your support.

Kind regards,