Check-out screen loads the placeholder profile image from http://placehold.it/60x60
How to reproduce:
Open https://folio-snapshot-stable.aws.indexdata.com/settings/users/profilepictures and enable profile pictures.
Select an active borrower without profile picture, for example using barcode 236964750970123.
A placeholder image is shown next to the barcode, it has a "60x60" label.
Expected: The placeholder image is loaded from the https://folio-snapshot-stable.aws.indexdata.com/
Actual: The placeholder image is loaded from http://placehold.it/60x60
Browsers warn that http://placehold.it/60x60 is unencrypted, this may be an security issue.
A pull request to change http to https when loading from placehold.it was rejected in May 2017: https://github.com/folio-org/stripes-components/pull/2
It was decided to use a local image instead: https://issues.folio.org/browse/STRIPES-360
Placehold.it has usage rules that allow to use the images "from small sites or staging servers" but forbid "over 100,000 page views per month". Several FOLIO implementers exceed this limit.
The European Court of Justice held that dynamic IP addresses collected by a website owner qualify as personal information under EU privacy laws. Therefore FOLIO implementers need to list placehold.it in their records of processing activities as required by GDPR article 30. Please add a GDPR section on ui-checkout README listing placehold.it to help them with this task until the placehold.it link has been replaced by a local image.