Cookie Management Banner

[adrian]

Hi everyone,

Sorry for the silence on this thread. This module is now generously being managed and updated by @wbmnfktr - I have updated the modules directory entry to point to his fork. I am sure he will be able to better support and improve this module than I can.

 

[netcarver]

@adrian Just a thought, could you go into GH and update your readme to point to the new code under @wbmnfktr's account and also your GH repo to "Archived"?

Many thanks for the work you've put into this BTW.

[wbmnfktr]

First of all... thank you @adrian for the introduction and the great work with this module.

In the last couple of days I created a DEV branch with some minor changes and fixes I found while testing the latest version (0.4.11).
If you are interested in playing around with that version, grab a copy over at Github - the DEV branch is linked below. As always: backup your site and previous module first.

All changes so far:

• FIXED: Vanilla JS version notice toggle didn't work when MANAGE disabled
• FIXED: Version change didn't trigger reset
• INFO: Added usage examples (assets/html)
• CHANGED: Removed CLOSE option
• ADDED: Datalayer details to README

Issue tracking on Github was also enabled. This could make things easier in the future. Feel free to open an issue there whenever you find a bug. Don't forget to add the obvious details (ProcessWire version, PHP version, expected behaviour, your module settings and custom code).

DEV-Branch
https://github.com/webmanufaktur/CookieManagementBanner/tree/dev

Issues
https://github.com/webmanufaktur/CookieManagementBanner/issues

[ceberlin]

For those having access to the premium area of erecht24, here is an intersting information update after the last EUGH decisons:
https://www.e-recht24.de/mitglieder/updates/eugh-urteile-cookies-einwilligung-google-analytics/
The world gets more complicated every day and I think the cookie managers too.

Small comments:

• Clicking "accept" was an agreement - so when opening the popup again later, the agreed checkbox could be pre-sected? Or better not?
• I tried revoking rights, but the Google "GA" cookie is still present. Is deactivating the script enough, musn't there also the Google Tag Manager cookie removed?A
• lso I can save "no" decision (no checkbox selected). I wonder what that means for the decision taken...

I compared this with a WordPress cookie manager and found 2 nice ideas:

• There a simple counter of how many people opt out.
• There are 2 links in the pop up under the "Accept" buttons in the right corner: Impressum and Privacy. So in case those madatory links get covered by the popup, those page are still easily accessible.

 

[wbmnfktr]

Thank you @ceberlin for the link. I just looked into the article and will take a look at the tools they provide and how they work - hopefully this week.

12 hours ago, ceberlin said:

There are 2 links in the pop up under the "Accept" buttons in the right corner: Impressum and Privacy. So in case those madatory links get covered by the popup, those page are still easily accessible.

Those can easily be set in the texts you already show in the banner. That's how I do it most of the time.

[ceberlin]

2 minutes ago, wbmnfktr said:

Those can easily be set in the texts you already show in the banner. That's how I do it most of the time.

I do, too. But I thought having the links placed UNDER the Confirm buttons makes more sense? And using a PW selector for the pages takes besser care that the links do not break on changes. (Text links are easily overlooked ?)

[DV-JF]

Hi,

is it possible to display the notice as an overlay. I've only the possibility to choose "Fixed Overlay at Bottom of Page"

I'm using Version 0.4.12 (dev branch) from @wbmnfktr github repo.

Furthermore it would be really nice to have the ability to create more than one checkbox in order to allow users to pick cookies more specifily. See https://developers.deezer.com/ for an example.

Many greets!

Edited November 26, 2019 by DV-JF
Added screenshot & branch info

[wbmnfktr]

1 hour ago, DV-JF said:

is it possible to display the notice as an overlay. I've only the possibility to choose "Fixed Overlay at Bottom of Page"

I could add a second option to that dropdown. Something like CustomCSS, add a specific class to the HTML and you can add your very own CSS and style it however you like it.

Another way would be disabling the auto-load assets option in the settings and add custom CSS right away.

1 hour ago, DV-JF said:

Furthermore it would be really nice to have the ability to create more than one checkbox in order to allow users to pick cookies more specifily.

I thought about something like that but I'm not sure which way to go here - for now.
The solution used by Deezer is provided by CookieBot and is quite powerful. Yet a bit too much for most I guess.

What/which options do you need in most of your projects?

I'm happy to hear more opinions, suggestions and ideas.

[DV-JF]

5 minutes ago, wbmnfktr said:

I could add a second option to that dropdown. Something like CustomCSS, add a specific class to the HTML and you can add your very own CSS and style it however you like it.

I'm just wonderin because of last point from READE.me say:

Quote

• position selection (top or bottom overlay, or content pushed down from the top)

So I'thought this is already implemented.

7 minutes ago, wbmnfktr said:

Another way would be disabling the auto-load assets option in the settings and add custom CSS right away.

I know, just wanted to save some time ?

8 minutes ago, wbmnfktr said:

I thought about something like that but I'm not sure which way to go here - for now.
The solution used by Deezer is provided by CookieBot and is quite powerful. Yet a bit too much for most I guess.

What/which options do you need in most of your projects?

I think it would be great to be relative flexible. Perhaps we may have a field (maybe a repeater could do) where you specify what kind of cookies your website serves.

On each repeater there should be in my eyes some possibility to explain what the cookie does and why it is used.

I also like the "Necessary" checkbox which can't be disabled.

BTW: Great module, thanks for @adrian creating and @wbmnfktr for maintaining it!

[joshua]

As some of our customers do have the same request (checkbox for only necessary cookies), I implemented this option in this fork.
Till now I only added the option in the vanilla js solution as we don't use jQuery at all. If desired I could add also this option to the jQuery part and open a PR.
Technically the button for "only necessary" cookies is the same as the option to not consent at all, just a different position of the button and naming.

This is an example of the module frontend.

[wbmnfktr]

1 hour ago, joshua said:

Technically the button for "only necessary" cookies is the same as the option to not consent at all, just a different position of the button and naming.

On first look this sounds like a really nice and handy addition and workaround for several use cases that were already mentioned here.
I have to take a closer look how this works out in the backend and frontend of course but I guess I'll be happy to add this to the module - somehow.

But as you use cookieMonster.block() for your necessary cookies the stored information (localStorage) says cookies denied/blocked and there might be a difference in these so it might be better to store a different value than blocked.

 

[joshua]

I agree that there should be a different value for necessary cookies...
Maybe the pwcmbAllowCookies in localStorage could have values like "all", "necessary" and "no" instead of just "y" and "n"?

I also thought about respecting the "DoNotTrack" choice of the user in the browser. I'm currently working on this, but this simple snippet at the start of the init function should do it:

/*
 if the user activated the "DoNotTrack" function in their browser, respect that choice and do not show the banner
 */
if (navigator.doNotTrack) {
  cookieMonster.cfg.allowCookies = "n";
  cookieMonster.cfg.selectionMade = "y";
  cookieMonster.cfg.storedVersion = cookieMonster.cfg.version;
  cookieMonster.sendActionBeacon();
  cookieMonster.updateStatus();
  cookieMonster.sendTrackingBeacon();
  return;
}

[wbmnfktr]

8 minutes ago, joshua said:

values like "all", "necessary" and "no" instead of just "y" and "n"

That's exactly what I thought about. As it's a change with bigger impact it might break already existing installations/setups. Therefore this has to be announced very well in that upcoming release - whenever it will happen.

While DNT is kind of great and standard I had issues with it in the past - quite some time ago - but I actually love the idea. As it would support Privacy by default it might be something not everyone (site owners, marketers, ...) wants, so it could be another option in the settings.

I really appreciate your input and ideas!

[joshua]

It's a pleasure ?

Yes, DNT should also be a selectable option. I'll add an suggestion for this feature later.
 

4 minutes ago, wbmnfktr said:

As it's a change with bigger impact it might break already existing installations/setups. Therefore this has to be announced very well in that upcoming release - whenever it will happen.

That's true. To add this as a non-breaking feature we could also add the type of accepted cookies as a separate storage option "allowedCookieType" => "all" // "necessary". In this case no existing setup should break.

[wbmnfktr]

That could do the trick.

Yet another thing comes to my mind. It needs to be somehow managable for users to see what decision they made.

How do you handle that in your fork/version? I didn't see anything in your code that tells users their "only necessary cookies" decision.
Maybe it's there but I haven't installed your version yet.

[joshua]

You're right, this isn't included yet. I definetely need to update the code later ?
 

[gebeer]

First off, big thanks to all authors for this module!

There's a lot of changes going on regarding the legal situation of cookie consent management. The latest requirements for opt-in don't seem to be covered by this module. I tried latest dev version and also @joshua's fork. When clicking on Manage Cookies, I only get 2 options: I consent, I do not consent. There is no list of individual tracking cookies with checkbox to opt-in.
I understand that implementing this can be a fairly complex task.

Clients in Germany pushing quite hard to have compliant cookie management on their websites. This module does not seem to fulfill this need at the moment. Or am I missing something?

Wordpress has paid plugins to accomplish this. But there are open source tools available, that can help to manage cookies compliant to GDPR and ePrivacy laws: https://klaro.kiprotect.com/ and https://www.oiljs.org/ both look promising.

Do you have any plans for implementing a similar solution into this module in the future? 

 

[joshua]

Yes, the legal situation in Germany / Europe is getting harder. I'm also still struggling with a good solution. Our wordpress developer uses https://borlabs.io/  which is a quite complete solution for cookie management (and external scripts / media blocker).

Thanks for the links to klaro & oil.js - both are looking really promising. I'll definetely take a deeper look.
I'm still behind my updates of the fork but was thinking about extending the features (as our german customers are asking for features as choosing the cookie groups, blocking external scripts, if not opted in ...).
Maybe it'll also be a complete rewrite, as the intended use changes.

Edit: My current draft work of a rewrite you'll find here: https://github.com/blaueQuelle/privacywire/tree/dev

[wbmnfktr]

Hi @gebeer,

you are right - there is no detailed opt-in like Borlabs or Klaro have by now.

I played with something like that in an experimental version of that plugin but it's far from ready to use - maybe a proof-of-concept maybe even less.

For the time being I use the manage/opt-in/consent solution to let the user opt-in to allow cookies/scripts/trackers. They are all listed on the privacy page. Until the visitor gives its ok, I block everything - or better to say: I don't load anything until that point. 

if (localStorage.getItem('pwcmbAllowCookies') === 'y') {

    // load Google Analytics
	// load Matomo
	// load whatever

}

I have to add the detail that most of my clients don't use Google Analytics and weird tracking/post-view trackers anymore. They never looked into their analytics before and drop them now. They get their metrics from Google My Business, Bing Webmaster and in most cases that's all they need. Fair enough.

[adrian]

FYI - https://www.smh.com.au/business/companies/google-says-goodbye-to-the-cookie-monster-increasing-user-privacy-20200115-p53rj5.html

 

[alexm]

Just a thought that would be useful in certain scenarios.

Is there a hook or anything that could be used to stop the cookie management banner displaying on a given template?

[wbmnfktr]

Sorry @alexmercenary I somehow missed your question.

There is no hook or option in the module itself for this.

You could somehow set an individual class to the body tag on certain pages and hide the whole banner with CSS.

body.noCookies #cookie-manager {
	display: none !important;
}
/* OR */
body.page-1234 #cookie-manager {
	display: none !important;
}
/* OR */
body.tpl-basic-page #cookie-manager {
	display: none !important;
}

 

[KarlvonKarton]

I don't know if this is known by you guys, but when I click on "I consent" in the notice panel and then go to manage with the js-pwcmb-notice-toggle, none of the checkboxes are checked.
After a refresh at least one of the checkboxes is correctly checked in the manage panel.

Curiously if not clicking on "I consent" in the notice panel, but going passing by preferences instead, then everything works as expected.

[cehlo]

Hi there, 

I do not know where the problem is, but the notice is not showing when users are logout. It is showing only when logged in as superuser (on frontend, or module configuration page). Any Ideas what could be the problem? Also I tried to reinstall module, refrech cache, clear local storage. Still I tried it on various devices, cookie notice is nowhere to be found. 

Thank you very much. 

[montero4]

Hello,

May I ask how to actually wrap the google analytics code using the code below? I'm a total newbie with jquery. I tried code below in the <head> section right after jquery script is loaded(?) and that doesn't work. I'm sure this is embarrasingly simple....but I can't find the solution in google.

You can wrap your tracking/marketing cookie code in a check for the localstorage key of: pwcmbAllowCookies

if(localStorage.getItem('pwcmbAllowCookies') == 'y') {

I tried this...

if(localStorage.getItem('pwcmbAllowCookies') == 'y') {
<script async src="https://www.googletagmanager.com/gtag/js?id=123"></script>

<script>
window.dataLayer = window.dataLayer || [];
function gtag(){dataLayer.push(arguments);}
gtag('js', new Date());
gtag('config', '123');
</script>
}

Once this is solved is there anything else that I have to do? The cookie module seems to be working on the front end, but of course it doesn't actually do anything right now...

Thank you

Regards,