The Do-Not-Track HTTP header is the evil bit of the web world.

If you do wish to respect it, however. How would you do it in practice for a JavaScript single-page web-app? Detecting that the user has selected the opt-out in preferences varies between browser. It is usually accessed something like: navigator.doNotTrack. But this is not reliable because the value also differs between browsers!

The specification also dictates the the result should only be true or false if the user explicitly set it, otherwise it should be a special unspecified value. Which also differs between browsers. This is complicated by the fact that Microsoft has made IE 10 & 11 set the value to true by default, in violation of the standard!

The problem is, if we respect the value for IE 10 &amp 11, we will miss out on tracking 30% of our visits! So we need to explicitly check for those two browsers and ignore the DNT value. For other browsers, we respect the option set (Microsoft has since changed their mind) and only load Google Analytics / what-have-you if it is false. The code for doing so is:

1
2
3
4
5
6
7
8
9
10

// Respect do not track for all browsers. Except for IE 10 and 11 where we ignore it
var dnt_isIe10or11 = (navigator.appVersion.indexOf("MSIE 10") !== -1) || (navigator.userAgent.indexOf("Trident") !== -1 && navigator.    userAgent.indexOf("rv:11") !== -1);
var DNT = (navigator.doNotTrack || navigator.msDoNotTrack || window.doNotTrack);
DNT = !DNT || DNT == "unspecified" || DNT == "0" ? false : true;
if (!DNT || dnt_isIe10or11) {
  var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");

  // Put the GA loading code here
  
}

Regardless of this. Since most sites do not respect this setting, I recommend everyone to get Ghostery to be safe from website-tracking.