For WordPress websites that I host, I have code which caches the gravatar images on the server and serves them directly.
My main goal was to disallow Gravatar tracking users across our websites (enforced with a Content-Security-Policy in addition to rewriting the image URLs). But, it does also rewrite the hashes used when served to the client. So, this could be used to avoid leaking user addresses. Not sure if that can apply to this software as well, but thought it was worth noting. Sam
signature.asc
Description: This is a digitally signed message part
