thanks for the feedback

unfortunately, the "no one else will know about it" is not true in cases I'm familiar with. consider a component that leaves an identifying mark in documents it generates, and the document ends up provided to remote users, say a proof of purchase, a statement of warranty... it's the shop's computing to generate them, even if they're meant to be delivered to users

I should have mentioned the "no JS" assumption. web shops have indeed become toxic, and may lead to misunderstandings about the scenario I meant to describe. it's unfortunate because it covers so many of the incidental circumstances, but that may be hard for even present readers to grasp because most web experiences are awfully invasive, and those are way outside my own personal experience. I still remember and long for buying books online on a shop that existed before JavaScript came to exist, and sending them payment information by GPG-encrypted email :-)