ct_pointer_data becomes huge

Hello klemendev.

We suggest 2 ways to solve this:

1. Enable alternative cookies in the plugin settings. The data will be stored in the site database. This will increase the load on the database.

2. If the use of alternative cookies is unacceptable. We decided to exclude this cookie if the "Use CleanTalk JavaScript library" option is enabled. Please install the attached patch for this.

Did it help?

We have "Use CleanTalk JavaScript library", so I will apply this patch and report back. Thank you for a quick reply and the patch :)

Tried the patch with "Use CleanTalk JavaScript library" checked, but

ct_pointer_data

the cookie was still generated. Tried in incognito and made sure to clear all caches. Enable alternative cookies in the plugin settings may not be an option for us as we have relatively high-traffic website, although, I can't really estimate an impact of this alternative cookies option

Please clarify, did you clear the cache not only the browser, but also the site?

Yes, "drush cr" and also in-UI "Performance -> Clear caches" and browser by going incognito.

In Google Chrome dev tools in cookies list, ct_pointer_data was still created.

"Use CleanTalk JavaScript library" is enabled, "Enable alternative cookies" is disabled, bot firewall setting is disabled too

Hello,

I will ask our developers about this. We will contact you within 2-3 business days.

Thank you.

Hello.

Judging by the frontend of your site, we suspect that either the patch was not installed correctly or some cache was not cleared. Please install the plugin with the patch from the attached archive.

Any changes?

You currently don't see the patch because we did not want to leave the patch that did not work on the production site, so we removed it after unsuccessful testing.

I am sure that the patch was applied correctly, but will do it again / install attached module zip later today.

If the use of alternative cookies is unacceptable. We decided to exclude this cookie if the "Use CleanTalk JavaScript library" option is enabled. Please install the attached patch for this.

Is this correct? Because looking at patch, only cleantalk_bot_detector and cleantalk_alternative_cookies_session parameters are checked, which we both have set to false on our production site.

Thank you for your reply.
I transferred your question to the programmer staff. Please, wait.

I have reapplied the patch back to the site, so your developers can check our frontend again. From my checks, it seems patch was applied but pointer data cookie is still created

Hello,

Please ensure the "Use CleanTalk JavaScript library" option (stored as cleantalk_bot_detector) is enabled. When this option is active, a frontend flag called ct_use_bot_detector will appear.

If ct_use_bot_detector = 1, the cookie ct_pointer_data will be set upon page load but will not update via JavaScript—its value will remain 0. This directly addresses the reported concern regarding the oversized cookie. In this setup, actual mouse coordinates will be transmitted via frontend_data, bypassing the website’s backend (and avoiding the cookie altogether).

Did it help you?

"Use CleanTalk JavaScript library" is enabled on our website (checkbox is checked), and this patch ( https://www.drupal.org/files/issues/2025-06-30/skip_cookie_ct_pointer_da... → ) applied; however, we noticed that the size is still non-zero, and also grows significantly in some cases if moving the mouse and clicking a lot. It starts at size 16 and then grows.

EDIT: I have noticed it only grows when logged in. If the user is anonymous, it remains at size 16

Thank you. Give us three days to check everything out.

Hello,

We tested the website from different browsers and devices, the cookie size ct_pointer_data was 0 each time.

Please, clear all cache in:
- your browser
- your Drupal backend
- your CDN

If it didn't help, then please send us a video where:
- you visit the website with visible browser console where the cookies are being monitored
- run these commands in your browser consoles: ct_use_alt_cookies and ct_use_bot_detector
- open in the browser console Sources → Page → top → YOUR_WEBSITE → sites/default/files → js → one of the bundles "js_"

Thank you.

I can not send the video here. If needed, I can open a private ticket on your support pages to send it there.

But with https://www.drupal.org/files/issues/2025-06-30/skip_cookie_ct_pointer_da... → applied and all caches possible cleaned, I can confirm this patch makes it so ct_pointer_data has value "0" all the time and Chrome shows constant size 16, which is acceptable.

I have noticed it only happens if I log in to the website with admin account, so I guess this patch sort of fixes the issue for all users but admin.

Still strange why on the logged in admin account, ct_pointer_data still grows without limits.

Logged in or anonymous user, values are:

* ct_use_alt_cookies is 0
* ct_use_bot_detector is 1

Yes, please, send your video via a private ticket:
https://cleantalk.org/my/support/open

Opened ticket 49611

Thanks to helpful support from the support team, we were able to pinpoint the issue to stubborn caches.

I can confirm this fixes the cookie size at 16 bytes and value "0" which is fine and does not cause huge cookie issues.

Marking RTBC, hopefully this patch makes it into the module release :)

Thank you for your feedback! We are glad to know the issue is resolved.