-
-
Notifications
You must be signed in to change notification settings - Fork 547
Open
Description
What I observed (verifiable)
When loading a local PDF, the app sends the following requests to SimplePDF endpoints.
1. Analytics events
Event: Loaded an on-device PDF
{
"type": "ANALYTICS",
"name": "Loaded an on-device PDF",
"data": {
"hasInteractiveForm": false,
"pagesCount": 1,
"isMobile": false
}
}Event: Loaded from iFrame
{
"type": "ANALYTICS",
"name": "Loaded from iFrame",
"data": {
"referrer": "http://localhost:8080/",
"isMobile": false
}
}2. Document fingerprint–based queries
query DocumentQuery($documentFingerprint: String!) {
document(documentFingerprint: $documentFingerprint) {
documentId
permission
documentFingerprint
uploadUrl
url
formUrl
...
}
}This happens without explicit user consent or disclosure.
Why this is a problem
- A document fingerprint (content-derived hash) is sent to a third party
- Analytics events are emitted automatically
- Outbound network calls happen even for local files
- This contradicts the expectation of local-only processing
Even if the PDF content itself is not uploaded, a stable fingerprint combined with analytics still constitutes third-party document tracking.
For users who:
- care about privacy
- use Omni Tools for sensitive documents
- chose Omni Tools specifically because it is local
…this behavior is unexpected.
Expected behavior
One of the following (any would be acceptable):
1. True local-only mode
- No outbound network calls by default
- No analytics or fingerprinting unless explicitly enabled
2. Explicit opt-in
- Clear UI toggle (e.g. “Enable SimplePDF integration / analytics”)
- Disabled by default
3. Clear disclosure
- Documented in the README and/or UI
- Clearly explain that SimplePDF services are used and what data is sent
Reactions are currently unavailable
Metadata
Metadata
Assignees
Labels
No labels