npub129gvast08lj986yftn7q5qlnj8yfqufxx0m33s9u5xssjm8c64rsve4kwg (npub129g…4kwg) there is at least one serious flaw with your reasoning: the claim that you don't collect IPs, cookies or user-agents.
Your *client* script doesn't have a say in any of it. As it talks to the tracking server it *does* disclose all these because that's how HTTP works.
Now, you can *choose* to not save those details on your *server*.
But what's stopping anyone from pointing the same script at a much more "memorizing" server that will actually keep track of IPs, UAs and set HttpOnly cookies as it talks to the browser?
So, FWIW, I think the block for the project *in its current state* is totally justified. Yes, for privacy reasons.
Now, if you asked for permission and provided your reasons in a banner on the page that's shown before the post, asking readers to opt-in – that would be a different story. Mildly annoying and could land that banner on the annoyances list, but I don't think it's on by default, so it would still be an improvement.
D:\side\🐘\ /
npub1et…av5dx
2023-11-23 22:32:18
in reply to nevent1q…k609
Author Public Key
npub1etwxzjv4lc0ya4ltct8w78xlaezhm0zate5thta3epf5t670ns5s2av5dxPublished at
2023-11-23 22:32:18Event JSON
{
"id": "d41a20d8f42dcc4b7786c5af978f9fca627f35b085f978acf95d651997b52a72",
"pubkey": "cadc614995fe1e4ed7ebc2ceef1cdfee457dbc5d5e68bbafb1c85345ebcf9c29",
"created_at": 1700778738,
"kind": 1,
"tags": [
[
"p",
"5150cec16f3fe453e8895cfc0a03f391c890712633f718c0bca1a1096cf8d547",
"wss://relay.mostr.pub"
],
[
"p",
"979383f8767c5d795fcad86f82dc7b38b384c1a473710c433014dc2c0fb0e359",
"wss://relay.mostr.pub"
],
[
"e",
"65cda9d5f8c6d52f7e6519711f17ae47b78df43e45158edd91578ab0c2ee77e1",
"wss://relay.mostr.pub",
"reply"
],
[
"proxy",
"https://mastodon.ml/users/dside/statuses/111462235417887893",
"activitypub"
]
],
"content": "nostr:npub129gvast08lj986yftn7q5qlnj8yfqufxx0m33s9u5xssjm8c64rsve4kwg there is at least one serious flaw with your reasoning: the claim that you don't collect IPs, cookies or user-agents.\n\nYour *client* script doesn't have a say in any of it. As it talks to the tracking server it *does* disclose all these because that's how HTTP works.\n\nNow, you can *choose* to not save those details on your *server*.\n\nBut what's stopping anyone from pointing the same script at a much more \"memorizing\" server that will actually keep track of IPs, UAs and set HttpOnly cookies as it talks to the browser?\n\nSo, FWIW, I think the block for the project *in its current state* is totally justified. Yes, for privacy reasons.\n\nNow, if you asked for permission and provided your reasons in a banner on the page that's shown before the post, asking readers to opt-in – that would be a different story. Mildly annoying and could land that banner on the annoyances list, but I don't think it's on by default, so it would still be an improvement.",
"sig": "fd7bc287f9977b5cc366a8030e8d04069d5e586f677ce8b60bdf9cea7dcc2b72c38e8173c7657e6429631ec2d53c34de96f8fa4cbc5300f766505427d48bc841"
}