Investigate global Stripe.js and iframe injection on Drupal pages

Problem

  • Stripe.js is being loaded on every Drupal page, including pages without any Stripe-related forms.
  • A Stripe-controlled iframe (__privateStripeMetricsController...) is injected globally across all pages.
  • This behavior suggests Stripe is initialized site-wide rather than conditionally.
  • Loading Stripe globally may:
    • Introduce unnecessary third-party requests and performance overhead.
    • Expand the surface area for external tracking or telemetry collection.
  • There is concern that Stripe may collect user-related data (e.g., device, session, or behavioral signals) even when no payment interaction occurs.

Expected Behavior

  • Stripe.js should only be loaded on pages where payment functionality is explicitly required.
  • Stripe-related iframes should only be present during active payment flows.
  • No Stripe scripts or resources should be loaded on unrelated pages.
  • Any third-party data collection should be minimized and limited to strictly necessary contexts (e.g., payment processing).
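
One way to check a page against the expected behavior above, as an added example that is not part of the original issue or the project's code. It assumes Stripe.js is served from js.stripe.com and matches the iframe by the name prefix quoted in the issue; the function names, the `isPaymentPage` flag, and the sample document are hypothetical and constructed for illustration.

```javascript
// Added example: audit a page for the Stripe artifacts named in this issue.
// Paste into the browser console on a Drupal page, or run under Node,
// where it falls back to the constructed sample at the bottom.
const STRIPE_SCRIPT_HOST = 'js.stripe.com';   // assumed Stripe.js host
const METRICS_FRAME_PREFIX = '__privateStripeMetricsController';

// Exact hostname comparison, so look-alike hosts are not counted.
function hostOf(url) {
  try { return new URL(url, 'https://placeholder.invalid/').hostname; }
  catch { return ''; }
}

// Returns every Stripe script and Stripe iframe found in `doc`.
function findStripeArtifacts(doc) {
  const found = [];
  for (const s of doc.querySelectorAll('script[src]')) {
    const src = s.getAttribute('src') || '';
    if (hostOf(src) === STRIPE_SCRIPT_HOST) found.push({ kind: 'script', detail: src });
  }
  for (const f of doc.querySelectorAll('iframe')) {
    const name = f.getAttribute('name') || '';
    const src = f.getAttribute('src') || '';
    if (name.startsWith(METRICS_FRAME_PREFIX) || hostOf(src) === STRIPE_SCRIPT_HOST) {
      found.push({ kind: 'iframe', detail: name || src });
    }
  }
  return found;
}

// A page violates the expected behavior when Stripe artifacts are present
// on a page that is not part of a payment flow (the caller decides that).
function auditPage(doc, isPaymentPage) {
  const artifacts = findStripeArtifacts(doc);
  return { violation: artifacts.length > 0 && !isPaymentPage, artifacts };
}

// Constructed sample standing in for a DOM (not captured from a real site).
const el = (attrs) => ({ getAttribute: (k) => attrs[k] ?? null });
const sampleDoc = (scripts, iframes) => ({
  querySelectorAll: (sel) => (sel === 'iframe' ? iframes : scripts),
});
const blogPage = sampleDoc(
  [el({ src: '/core/misc/drupal.js' }), el({ src: 'https://js.stripe.com/v3/' })],
  [el({ name: '__privateStripeMetricsController0000' })], // suffix is made up
);

if (typeof document !== 'undefined') console.table(auditPage(document, false).artifacts);
else console.log(auditPage(blogPage, false));
```

Because the iframe is injected at runtime, run the check after the page has finished loading; a scan of the server-rendered HTML alone would only catch the script tag.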