Jump to content

PrivacyWire - Cookie Management & async external asset loading


joshua

Recommended Posts

Hello,

I tried to uninstall this module so I could test another, but I'm getting this error after uninstalling it. Based on what this error seems to be indicating, I made sure that I uninstalled TextformatterPrivacyWire first, before uninstalling PrivacyWire. But that didn't work either. Is there something else that I should be doing? I thought it might be ProCache, but I turned that off too.

Please let me know. Thank you!

Error: Exception: Module TextformatterPrivacyWire requires: PrivacyWire>=0.0.5 (in /usr/home/jc/public_html/test.com/wire/core/Modules.php line 1857
#0 /usr/home/jc/public_html/test.com/wire/core/Wire.php(383): ProcessWire\Modules->___install('TextformatterPr...')
#1 /usr/home/jc/public_html/test.com/wire/core/WireHooks.php(823): ProcessWire\Wire->_callMethod('___install', Array)
#2 /usr/home/jc/public_html/test.com/wire/core/Wire.php(450): ProcessWire\WireHooks->runHooks(Object(ProcessWire\Modules), 'install', Array)
#3 /usr/home/jc/public_html/test.com/wire/core/Modules.php(1303): ProcessWire\Wire->__call('install', Array)
#4 /usr/home/jc/public_html/test.com/wire/core/Modules.php(1194): ProcessWire\Modules->getModule('TextformatterPr...')
#5 /usr/home/jc/public_html/test.com/wire/modules/Fieldtype/FieldtypeText.module(97): ProcessWire\Modules->get('TextformatterPr...')


This error message was shown because: you are logged in as a Superuser. Error has been logged.

 

 

Link to comment
Share on other sites

19 hours ago, montero4 said:

Hello,

I tried to uninstall this module so I could test another, but I'm getting this error after uninstalling it.

Hi Montero,

thank you for your feedback. I just looked into this and fixed the bug in the new release.

Best,
Joshua

Link to comment
Share on other sites

On 5/30/2020 at 5:06 PM, ceberlin said:

Isn't it required in the new word of EU web bureaucracy to list every single cookie on demand (by category) and explain what is does, where it's from and can set it individually?

So, for example, in the same example category "my user settings" I can agree to remember a "my selected language" cookie but not another cookie with "my last page visited"?

As Borlabs cookie does it, or Klaro (kind of)?

Am I wrong with my understanding of the current GDPR law situation? Or is this implemented already and I just did not find it?

(Right now I am evaluation this module against using KLARO directy)

That's an interesting point. As I understood the GDPR (but I'm not a lawyer, so not sure about that) a listing of the single cookies is not mandatory right now - but the upcoming ePrivacy could change that.

When you want/need to implement this solution, KLARO could be a better choice at the moment. Currently this feature isn't included in PrivacyWire and I'm not sure if or when I could implement it. Or you could fork PrivacyWire and add the feature with a PR? 😉

Best,
Joshua

  • Like 1
Link to comment
Share on other sites

Hi Joshua, yes, in Germany, this is not mandatory at the moment - in other EU countries the situation might be different. All German lawyers online with lots of drama about the subject offer - surprise surprise - their own commercial solutions. I have not read any neutral position/comment on the subject yet. As I understand it, the tenor from the BGH is that the user should be able to know exactly what he or she agrees to. According to this, the webdesigner would have to name names.

The BGH ruling is still too recent (end of May 2020) and has not yet been implemented in German law. I just want to be prepared. I am irritated to I see the free KLARO goes the same route, listing all the little details.

I am not prepared yet to fork and PR. I am thinking about possible concepts right now. Maybe just adding an optional data-attribute with some line of text or a link which is is dispayed with a "read more" in the module's output, so the module does not need to handle every little detail? I am curious about other opinions from EU developers here. (I am also checking out the KARO module for WordPress right now to see how they are managing the information there.)

Cheers, Carl

  • Like 1
Link to comment
Share on other sites

Joshua, first, thank you for all your work. It looks like that we need a good solution for compliance also in Germany now (after the BGH ruling) and I am glad, that your plugin is close to what we need already.

After comparing existing tools and reading more about the requirements I thought of the following strategy to add to the compliance:
(My source of information: https://www.activemind.de/magazin/cookie-consent-banner/)

1. we probably need another category.

"Functional" for settings that are not "essential", like settings, example use: remember that a certain popup was closed. Comes after "essential" (or better the order of the selected categories from the backend is remembered)

2. Details collection.

This info should to be collected: name of cookie, issuer, purpose, functions, privacy links. Example:
name: '_ga, _gid',
issuer: 'Google Universal Analytics',
purpose: 'Collect statistical data for service improvement.',
functions: 'Number of pageviews, link clicked etc. ',
privacyLink: 'https://policies.google.com/privacy?hl=en'

Some vendors like cookiebot overload their popup with information. I think this confuses more than it helps. Setting content should not be rocket science to average users.

Instead, I thought of having the details on a special (manually filled?) compliance page, sorted into category blocks. That means that means another optional link (next to imprint and privacy) in the settings could be useful.

If this strategy makes sense, then it would be fancy if your textformatter could handle the consent from there: [[privacywire-category-settings category="statistics" ]] and display a toggle for on/off for that category. (But this has no priority)

3. Styles / Popup responsive? 

Right now the popup is not working correctly on mobile phones. It is not scrollable, and with lots of description and selections it easily has more content than fitting on a small screen.

  • We need another wrapper div tag for the element and another wrapper div tag with a class for the links - and add classes to all elements like the lists - so this is easier to style.
  • Also the body text is maybe not needed right away so there should be an option in the backend to display that only on the page which opens, when "select" is choosen?
  • Maybe add a field in the backend to drop all the CSS so it is easy to maintain at one place?

4. External media.

Can you explain what happens in that case? How can your code handle iframes, e.g. YouTube, Vimeo and maps? What happens if one of the existing video plugins are used?

5. Cookie lifetime of this plugin max 7 days?

In Safari and Firefox JavaScript cookies have a short lifetime, even if the cookie is set with a very long expiration date. A user has to opt-in again every 7 days. Is this correct? and is an alternative? Source: https://alightanalytics.com/alight-insights/safari-first-party-cookies/

---

Before a line of code is written, I would ask everyone for feedback and ideas for this concept...

---

By the way: here is a nice layout example with a consent banner with kind of your feature set - they also follow the route to move all complicated cookie details to a separate cookie consent page:

https://www.osano.com/cookieconsent/download/

 

 

  • Like 1
Link to comment
Share on other sites

Hi Joshua, the module works fine.
I would like to use the Textformatter to generate a button. [[privacywire-choose-cookies]]
But I don't get how to implement the shortcode.. 😬
In a Textfield? That doesnt work. Sorry for this noob-question.
Thank you!

Ok..now I got it!

Edited by Nick Belane
  • Like 1
Link to comment
Share on other sites

  • 1 month later...

Hello gentlemen and thank you for your fine module, Joshua!

Is there a way to preserve the changes to the HTML/CSS of the banner after updates? Maybe there is a generic processwirish way to override module markup?

Right now I added a method to the module that allows me to replace the module's markup by placing the modified files in /site/templates/MODULE_DIR/:

    protected function getFile($file, $is_url = false)
    {
        // we're putting module overrides in /site/templates/modules
        $override_dir = 'modules/' . basename(dirname(__FILE__)) .'/';
        $override_path = $this->wire('config')->paths->templates . $override_dir . $file;
        // we're overriding files in the module's folder
        $default_path = $this->wire('config')->paths->$this . $file;

        if (is_readable($override_path)) {
            return $is_url ? $this->wire('config')->urls->templates . $override_dir . $file : $override_path;
        }

        return $is_url ? $this->wire('config')->urls->$this . $file : $default_path;
    }

and using it like this:

$jsFilePath = $this->getFile('js/PrivacyWire.js', true);

and

$output = wireRenderFile($this->getFile('PrivacyWireBanner.php'), [ 'module' => $this ]);

 

This way I only have to add the above code into the module after the update, while keeping my changes in /site/templates/PrivacyWire/, to preserve the look of the banner, from the default

2020-08-06-131451.png.9b206751af206c4b215924363de9db59.png

to a Bulma version

2020-08-06-131529.png.a7a7c169547ec401c8301ee8f7ab5159.png

  • Like 2
Link to comment
Share on other sites

Thank you for all your input! I've been quite busy the last weeks, sorry for my delay in answering your requests.
During the last couple of days I refactored some code and implemented an suggested feature by @horst (to call a custom js function after saving the consent). As this version might not be as stable as the current version, you'll find it currently in a separate branch. The following updates are also only in this branch at the moment.

On 6/2/2020 at 11:10 AM, ceberlin said:

1. we probably need another category.

"Functional" for settings that are not "essential", like settings, example use: remember that a certain popup was closed. Comes after "essential" (or better the order of the selected categories from the backend is remembered)

I agree on that and just added this category to PrivacyWire (in the V2-Branch).

On 6/2/2020 at 11:10 AM, ceberlin said:

5. Cookie lifetime of this plugin max 7 days?

In the new branch I switched to save the consent information in LocalStorage instead of Cookies. Now the lifetime in all browsers should be 365 days.

About the details about cookies / categories: I also agree that there should be an option to display more details. The idea of a Textformatter for this purpose sounds good. Haven't got the time though to implement it right away. I'm open for PullRequests with improvements, if you want 😉

The styling is currently applied directly within the js file. To add the option to disable loading the stylesheet, I could exclude this from the js file and add an option to the module config.

  • Like 1
Link to comment
Share on other sites

23 hours ago, The G said:

Is there a way to preserve the changes to the HTML/CSS of the banner after updates? Maybe there is a generic processwirish way to override module markup?

Good question! I don't know a native "processwirish" procedure for this yet. Your solution like a good start. Does anyone else knows a processwirish way of doing this?

Link to comment
Share on other sites

2 hours ago, joshua said:

Good question! I don't know a native "processwirish" procedure for this yet. Your solution like a good start. Does anyone else knows a processwirish way of doing this?

The "processwirish way", IMO, is called hooking. Therefore the originals modules author need to add three underscores to a method name: "___myMethodName()". This method than can be hooked and its output changed. 

Joshua, if you would add three underscores to the public render() method, I think its all done. @The G then should be able to hook in (before or after) and changes the output the way he likes to.

In this case it seems like a small autoloaded custom module should fit:

class MyCustomModule extends WireData implements Module {

    public static function getModuleInfo() {
        return [
            'title' => "MyCustomModule",
            'summary' => "Customizes the output of PrivacyWire module",
            'version' => "0.0.1",
            'autoload' => true,
            'singular' => true,
            'requires' => [ "PrivacyWire", "PHP>=7.2", "ProcessWire>=3.0.0" ],
            'icon' => 'cookie'
        ];
    }

    public function ready() {
        $this->addHookBefore('PrivacyWire::render', $this, 'customRender');
    }

	public function customRender(HookEvent $event) {
		// do your changes or complete override here
		// ...
		$myCustomOutput = $this->myHelperMethod();
		$event->return = $myCustomOutput;
	}

	protected function myHelperMethod() {
		return 'something';
	}
}

Not tested and I'm currently not perfect sure if its better to hook in before or after. (I think before, but you need to test it)

 

TL;DR

Other scenarios may be that the original modules author adds special hooking methods where an output finally is passed through. This function then optionally can be used for changes.

// in PrivacyWire
	public function render(HookEvent $event)
    {
		...
		$output = 'something';

        $output = $this->finalizeOutput($output, $event);
        $event->return = $output;
    }

	public function ___finalizeOutput($output, $origEvent) {
		 return str_replace("</body>", "{$output}</body>", $origEvent->return);
	}

// in another module or site/ready.php, addHookAfter PrivacyWire::finalizeOutput

 

  • Thanks 1
Link to comment
Share on other sites

Ah, but of course! How could I forget about hooks! Thank you, @horst! I realize now that I could probably keep all my overrides in a single place, depending on the presence of the hooks, of course.

@joshua, please make the render() function hookable.

Sometimes I wish ProcessWire could be more restrictive, my /site/ folder is a frankensteinish patchwork of code snippets, because I used whatever the search cat dragged in first 🤣

  • Like 2
Link to comment
Share on other sites

I 've done a pull request against the v2 branch, only three underscores added 😄

This is how I hooked it in ready.php (these are theme specific overrides, so I want to keep them in the /site/ folder somewhere):

// If I want to do something with front pages (old code)
//if (strpos($_SERVER['REQUEST_URI'], $config->urls->admin) !== 0) {
// my front pages are all extending a FrontPage class
// see https://processwire.com/blog/posts/pw-3.0.152/#new-ability-to-specify-custom-page-classes
if (is_subclass_of(page(), 'Processwire\FrontPage')) {
	// [...]

	$wire->addHookBefore('PrivacyWire::render', function($event) {
        $event->replace = true;
        $privacywire = $event->object;

        $isProCache = modules()->isInstalled('ProCache') && modules()->get('ProCache');
        $jsFilePath = getModuleFile($privacywire, 'js/PrivacyWire.js', true);
        if ($isProCache && $privacywire->use_procache_minification) {
            $jsFilePath = modules()->get('ProCache')->js($jsFilePath);
        }

        $output = wireRenderFile(getModuleFile($privacywire, 'PrivacyWireBanner.php'), [ 'module' => $privacywire ]);
        $output .= "\n<script>var PrivacyWireSettings={version:'{$privacywire->version}',dnt:'" . ((int) $privacywire->respectDNT) . "'};</script>";
        $output .= "\n<script defer src='{$jsFilePath}'></script>";

        $event->arguments(0)->return = str_replace("</body>", "{$output}</body>", $event->arguments(0)->return);
    });

	// [...]
}

/**
 * checks for a module file override in the path defined
 * @param  object  $module    the module needing a file overriden
 * @param  string  $file_path the override file path, from the module folder, i.e. "js/PrivacyWire.js"
 * @param  boolean $is_url    switch for outputting a path or an URL, by default the function outputs a path
 * @return string             the override path is it's readable or the initial file path if it's not
 */
function getModuleFile($module, $file_path, $is_url = false)
{
    // we're putting module overrides in /site/templates/modules/
    $override_dir = 'modules/' . $module->className() .'/';
    $override_path = paths()->templates . $override_dir . $file_path;
    // we're overriding files in the module's folder
    $default_path = paths()->$module . $file_path;

    if (is_readable($override_path)) {
        return $is_url
            ? urls()->templates . $override_dir . $file_path
            : $override_path;
    }

    return $is_url
        ? urls()->$module . $file_path
        : $default_path;
}

 

  • Like 2
Link to comment
Share on other sites

Thank you for the PR and the idea! Of course it's a good think to have the render function hookable. I also like the idea of @horst with an hookable output file. I would definitely like to spend some time soon to refactor / optimize PrivacyWire.

  • Like 1
  • Thanks 1
Link to comment
Share on other sites

  • 2 weeks later...
3 hours ago, Matze said:

Just wanted to say thank you for this highly needed plugin! Is there a way to donate for it?

Thanks for your feedback - I'm glad you like it!
Haven't thought about a way for donation yet, but PayPal should work fine. Thanks a lot 🙂

Link to comment
Share on other sites

  • 1 month later...

After the user saves his/her choices, a confirmation message is shown for 1.5 seconds, then is removed.

My contact page uses Google Recaptcha and thus it needs Google's marketing cookies to work. So, in the beginning, instead of the contact form, the page shows only a message explaining that if one wishes to use the contact form, one needs to consent to the marketing cookies. Only after/if the user consents is the form shown. I wanted to have the page refreshed after saving the choices, so the user would not need to do a manual refresh to see the changes. I did it by adding a

74 window.location.reload(true);

line after

73	priw_wrapper.classList.remove('show-message');

which is the one where the confirmation message is removed (priw_showMessage(), line 73 in src/js/PrivacyWire.js) and re-rollup-ing. I could make a pull request if it seems useful.

 

Another suggestion would be make the setTimeout delay configurable. This one is not something I needed, but it just feels right to have it configurable 😁

Link to comment
Share on other sites

Thanks for your input, @The G. There actually already is a way to solve this, thanks to the previous input from @horst:

In the PrivacyWire Settings you can find the "Trigger a custom js function" field:

grafik.png.57da220f8be9a170b45074a5f537e8d6.png

Just add a function name there, which you want to get triggered (in this examle the function is called reloadAfterConsent )
Then somewhere in your code add the relevant function, e.g.:

<script>
    var reloadAfterConsent = function() {
      window.location.reload(true);
    }
</script>

And voilá - your page reloads after every consent saving.

 

14 hours ago, The G said:

Another suggestion would be make the setTimeout delay configurable. This one is not something I needed, but it just feels right to have it configurable 😁

One could make this configurable, of course. Would you like to set the duration or something else of the setTimeout?

  • Like 1
  • Thanks 1
Link to comment
Share on other sites

Nice, it works beautifully.

 

3 hours ago, joshua said:

[...] One could make this configurable, of course. Would you like to set the duration or something else of the setTimeout?

The duration. I'd like to let the user read the message for a little longer:
simplescreenrecorder-2020-09-24_11_45_40.gif.73d372e9619843b286b63fcae514b57d.gif

 

Off-topic question: how does one make posted videos to not extend to the full container width? I used the annoying GIF above because I didn't find a way to display posted videos at their real size.

 

Link to comment
Share on other sites

On 5/10/2020 at 1:41 PM, joshua said:
On 4/9/2020 at 5:45 PM, DV-JF said:

Is there an opposite option to only show an element if a specific data-category isn't allowed?

That's a good point. Right now there isn't a detection for this but I'll think about a way to implement this.

Hey @joshua any news or ideas on this?

Link to comment
Share on other sites

Anyone else experiencing weird behaviour with the external_media option while opting in/out of it?

A recent project needed a little overhaul therefore external media is now only available after opting in to it BUT... it's not working out as expected after you later on decide to opt out or in to it.

Thought about issues with some custom JS but even on a clean install the issue occures.
It's not happening with any other option so far - so I could work around that issue for now.

As you can see the values in local storage are already off for external_media.

pw001.thumb.png.7f3127081d3c8a2dd2e699ae86e3c28e.png

pw002.thumb.png.0c8f0e1980e9459e15966ea8ce3b510f.png

 

  • Like 3
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Similar Content

    • By monollonom
      (once again I was surprised to see a work of mine pop up in the newsletter, this time without even listing the module on PW modules website 😅. Thx @teppo !)
      FieldtypeQRCode
      Github: https://github.com/romaincazier/FieldtypeQRCode
      Modules directory: https://processwire.com/modules/fieldtype-qrcode/
      A simple fieldtype generating a QR Code from the public URL of the page, and more.
      Using the PHP library QR Code Generator by Kazuhiko Arase.

      Options
      In the field’s Details tab you can change between .gif or .svg formats. If you select .svg you will have the option to directly output the markup instead of a base64 image. SVG is the default.
      You can also change what is used to generate the QR code and even have several sources. The accepted sources (separated by a comma) are: httpUrl, editUrl, or the name of any text/URL/file/image field.
      If LanguageSupport is installed the compatible sources (httpUrl, text field, ...) will return as many QR codes as there are languages. Note however that when outputting on the front-end, only the languages visible to the user will be generated.
      Formatting
      Unformatted value
      When using $page->getUnformatted("qrcode_field") it returns an array with the following structure:
      [ [ "label" => string, // label used in the admin "qr" => string, // the qrcode image "source" => string, // the source, as defined in the configuration "text" => string // and the text used to generate the qrcode ], ... ] Formatted value
      The formatted value is an <img>/<svg> (or several right next to each other). There is no other markup.
      Should you need the same markup as in the admin you could use:
      $field = $fields->get("qrcode_field"); $field->type->markupValue($page, $field, $page->getUnformatted("qrcode_field")); But it’s a bit cumbersome, plus you need to import the FieldtypeQRCode's css/js. Best is to make your own markup using the unformatted value.
      Static QR code generator
      You can call FieldtypeQRCode::generateQRCode to generate any QR code you want. Its arguments are:
      string $text bool $svg Generate the QR code as svg instead of gif ? (default=true) bool $markup If svg, output its markup instead of a base64 ? (default=false) Hooks
      Please have a look at the source code for more details about the hookable functions.
      Examples
      $wire->addHookAfter("FieldtypeQRCode::getQRText", function($event) { $page = $event->arguments("page"); $event->return = $page->title; // or could be: $event->return = "Your custom text"; }) $wire->addHookAfter("FieldtypeQRCode::generateQRCodes", function($event) { $qrcodes = $event->return; // keep everything except the QR codes generated from editUrl foreach($qrcodes as $key => &$qrcode) { if($qrcode["source"] === "editUrl") { unset($qrcodes[$key]); } } unset($qrcode); $event->return = $qrcodes; })
    • By Sebi
      AppApiFile adds the /file endpoint to the AppApi routes definition. Makes it possible to query files via the api. 
      This module relies on the base module AppApi, which must be installed before AppApiFile can do its work.
      Features
      You can access all files that are uploaded at any ProcessWire page. Call api/file/route/in/pagetree?file=test.jpg to access a page via its route in the page tree. Alternatively you can call api/file/4242?file=test.jpg (e.g.,) to access a page by its id. The module will make sure that the page is accessible by the active user.
      The GET-param "file" defines the basename of the file which you want to get.
      The following GET-params (optional) can be used to manipulate an image:
      width height maxwidth maxheight cropX cropY Use GET-Param format=base64 to receive the file in base64 format.
    • By MarkE
      This fieldtype and inputfield bundle was built for storing measurement values within a field, rendering them in a variety of formats and converting them to other units or otherwise modifying them via the API.
      The API consists of a number of predefined functions, some of which include...
      render() for rendering the measurement object, valueAs() for converting the value to another unit value, convertTo() for converting the whole measurement object to different units, and add() and subtract() for for modifying the stored value by the value (converted as required) in another measurement. In the admin the inputfield includes a checkbox (which can be optionally disabled) for converting values on page save. For an example if a value was typed in as centimeters, the unit was changed to metres, and the page saved with this checkbox selected, said value would be automatically converted so that e.g. 170 cm becomes 1.7 m.

      A simple length field using Fieldtype Measurement and Inputfield Measurement.
      Combination units (e.g. feet and inches) are also supported.
      Please note that this module is 'proof of concept' at the moment - there are limited units available and quite a lot of code tidying to do. More units will be added shortly.
      See the GitHub at https://github.com/MetaTunes/FieldtypeMeasurement for full details and updates.
    • By tcnet
      File Manager for ProcessWire is a module to manager files and folders from the CMS backend. It supports creating, deleting, renaming, packing, unpacking, uploading, downloading and editing of files and folders. The integrated code editor ACE supports highlighting of all common programming languages.
      https://github.com/techcnet/ProcessFileManager

      Warning
      This module is probably the most powerful module. You might destroy your processwire installation if you don't exactly know what you doing. Be careful and use it at your own risk!
      ACE code editor
      This module uses ACE code editor available from: https://github.com/ajaxorg/ace

      Dragscroll
      This module uses the JavaScript dragscroll available from: http://github.com/asvd/dragscroll. Dragscroll adds the ability to drag the table horizontally with the mouse pointer.
      PHP File Manager
      This module uses a modified version of PHP File Manager available from: https://github.com/alexantr/filemanager
       
    • By tcnet
      This module implements the website live chat service from tawk.to. Actually the module doesn't have to do much. It just need to inserted a few lines of JavaScript just before the closing body tag </body> on each side. However, the module offers additional options to display the widget only on certain pages.
      Create an account
      Visit https://www.tawk.to and create an account. It's free! At some point you will reach a page where you can copy the required JavaScript-code.

      Open the module settings and paste the JavaScript-code into the field as shown below. Click "Submit" and that's all.

      Open the module settings
      The settings for this module are located int the menu Modules=>Configure=>LiveChatTawkTo.

       
×
×
  • Create New...