Cobalt continues connecting to the Plausible instance after analytics are disabled

[celenityy]

bug description

Despite enabling don't contribute to analytics under settings -> privacy, cobalt.tools continues connecting to https://a.imput.net/js/script.js. This functionality should be entirely disabled once analytics are disabled - users have no way to verify you're dropping it on the server side (which is what I suspect is happening here).

reproduction steps

1. On cobalt.tools, enable don't contribute to analytics under settings -> privacy.
2. Observe that connections are still made to https://a.imput.net/js/script.js - (I confirmed with uBlock Origin).

screenshots

No response

links

platform information

Phoenix (Firefox) 135.0.1

additional context

I love Cobalt, and I'd really like to include a.imput.net on my BadBlock Ethical Whitelist, as you otherwise perfectly meet the criteria, but this issue is unfortunately preventing me from doing so.

I'd also like to ask: Would you consider disabling these analytics automatically if Global Privacy Control is enabled?

[wukko]

hey! the script should stop making requests completely once it sees plausible_ignore in local storage, can you check if it’s present in your case? i’ll look into this soon cuz this obviously shouldn’t happen

[wukko]

it’s also supposed to log “ignoring event” in console: https://plausible.io/docs/excluding-localstorage

[wukko]

just figured out what you meant in the issue, the js script doesn't do any analytics by being loaded, it sends a separate fetch request to /api/event which is indeed not sent when plausible_ignore is present:

however, i could make it not load the script at all, though i don't see how it's beneficial

[wukko]

Would you consider disabling these analytics automatically if Global Privacy Control is enabled?

cobalt's plausible analytics are already private, it doesn't track anyone, just aggregated number of traffic, so i don't think it's really applicable here?