Contrib.social

Don't load Stripe JS on every page

Open on Drupal.org β†’
Created on 26 July 2021, almost 3 years ago
Updated 24 March 2024, 3 months ago

Problem/Motivation

Since adding this module I have noticed that <script src="https://js.stripe.com/v3/"></script> loads on every page, even admin pages. This is not necessary and slows down site performance with no benefit. In my case we are using Stripe for a single webform and have absolutely no reason to load it on any other page.

There was much discussion about this and it was recently addressed in the Commerce Stripe β†’ module in #3083393: Limit Stripe scripts and cookies to pages where they are required β†’ .

Steps to reproduce

Add this module to your site, confirm that the JavaScript loads on every page.

Proposed resolution

Ensure that the Stripe JS only loads on pages where Stripe is used.

Remaining tasks

  • Write a patch with tests
  • Review

User interface changes

N/A

API changes

N/A

Data model changes

N/A

πŸ› Bug report
Status

Needs work

Version

2.0

Component

Code

Created by

πŸ‡¦πŸ‡ΊAustralia pameeela

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

Not all content is available!

It's likely this issue predates Contrib.social: some issue and comment data are missing.

  • Comment over 1 year ago β†’
    heddn Nicaragua

    Is there any report in the wild if this fixes things?

  • Comment over 1 year ago β†’
    solideogloria

    I can confirm that it doesn't load on every page after removing the hook. However, I couldn't even get Stripe's example checkout block to work (without this patch, and with the dev version of the module).

    πŸ’¬ Can't get Stripe Examples form to work Active

    As a result, I'm not using the module.

  • Status changed to Needs work 3 months ago
  • Comment 3 months ago β†’
    πŸ‡¬πŸ‡§United Kingdom Steven Jones

    The patch in #4 works for me, but then you lose the fraud prevention features of it, in that it's able to more accurately detect fraud. So maybe this should be optional somehow?

  • Comment 3 months ago β†’
    solideogloria

    Including it on every page allows Stripe to track your users for the entirety of their usage of your site. "Fraud prevention" is just their way of saying "we want to track everyone, everywhere, and we want to use that data to train an AI on their behavior."

    I don't think that's something they need to be able to do. That's your bank's responsibility, if anything.

  • Comment 3 months ago β†’
    πŸ‡¦πŸ‡ΊAustralia pameeela

    We used the patch successfully but no longer require payment. Agree that it should be configurable if you did want to use the fraud prevention feature, but we didn’t need that.

contrib.social Blog FAQ Discussions
Production build 0.69.0 2024