Jump to content

PrivacyWire - Cookie Management & async external asset loading


joshua

Recommended Posts

Hi @joshua and fellow cookie munchers. I might have spotted another glitch in the cookie matrix.

What I did/tested: 

I changed the version number in the settings.

What happened:

  1. nothing until I cleared the ProCache cache (which is fine I guess), then afterwards...
  2. the cookie banner showed up again and asked for consent (which was expected) BUT...
  3. all external media assets, tracking scripts, etc. were still loading (which was unexpected)
  4. giving consent closed the banner (fine) BUT it came right back on the next page

Why did it happen:

The test user had already given consent and therefore and old entry existed in the local storage which said sure give me cookies and whatever BUT it didn't recognize the new version and therefore didn't revoke the old opt-in/consent on first load with the new version AND wasn't updated after opting in again.

TL;DR

Changing the version number in the settings does not reset/clear/delete/revoke all previously given and stored local storage settings and won't update after giving consent again to the new version.

  • Like 2
Link to comment
Share on other sites

Thanks @wbmnfktr for noticing this!

There really was a bug with the version number and async loading of scripts etc.

I fixed this in V0.2.5.

After changing the version number in the backend (and refreshing ProCache - especially when you have activated the option to minify local Javascript) PrivacyWire will check the version number first before handling the elements requiring consent.
 

  • Like 3
  • Thanks 1
Link to comment
Share on other sites

Today there are two updates for PrivacyWire (newest Version V0.2.7 )

1. The update of elements after giving consent now observs more attributes (also srcset for responsive images and width/height attributes - especially good for iFrames)

2. When the user wants to choose the detailled cookies, there is now a option to show another "Accept All" Button instead of the "Toggle" Button - configurable via module config.

  • Like 3
  • Thanks 1
Link to comment
Share on other sites

On 9/29/2020 at 2:52 PM, DV-JF said:

Is there an opposite option to only show an element if a specific data-category isn't allowed?

I added a feature for this in todays 0.3.0 (not pushed the release tag yet, as there was a lot of rewriting to implement this feature).

If you want to show an opt-in element instead of the consent-required element, just add a data-attribute data-ask-consent="1". Here is an example:

<iframe src="" data-src="https://www.example.com/" data-category="marketing" data-ask-consent="1" frameborder="0" height="400" width="400"></iframe>

In this case, the iframe gets only loaded, when cookies of type "marketing" are allowed. If not, the user will be asked for consent. The text of the consent-window is configurable in the module config.
The markup of this message also includes an css class with the type of cookie, if you want to style them specifically.

  • Like 5
Link to comment
Share on other sites

@ngrmm I had a similar issue and went kind of a different route and added role="main" to my main header and excluded it later on in my PrivacyWire CSS.

header:not([role=main]) {
    // here you go
}

For the moment that should work out quiet nice without any or at least only minor issues - at least when you are working with less, sass, SCSS and similar.

 

  • Like 3
Link to comment
Share on other sites

Thanks a lot for this wonderful module! It works like a charm, except for one little problem:  When I use the "Accept all" button I have to reload the website for the changes to take effect. Selecting specific categories and clicking the "Save preferences" button has immediate effect. Is this an indented behaviour or am I missing something here? 

  • Like 1
Link to comment
Share on other sites

@ngrmm thanks for your input. Semantically header tags are allowed to have multiple instances within one page (e.g. one main page header and one header per <article> etc.).
But I see the point - within the cookie banner a <header> might not be the best semantical element to choose.

To provide backwards compatibility (if someone has already styled the PrivacyWire <header> via CSS) I will add an option to configure the output tag between <header> and <div>.

 

  • Like 2
Link to comment
Share on other sites

@ngrmm That actually was my first type of implementation (separating css and js), but as the CSS file would be very small (554 Byte), it actually is slower to load these two connections vs. loading only one JS file with the CSS included ( even with HTTP/2 - I tested it alot!).

This is the total amount of styles used by PrivacyWire (beautified for better readability):

.privacywire {
    position: fixed;
    bottom: -250%;
    left: 0;
    right: 0;
    box-shadow: 0 -1px 3px rgba(0, 0, 0, .3);
    opacity: 0;
    background: #fff;
    z-index: 1;
    padding: 1rem;
    transition: bottom .3s ease-in, opacity 1s ease-out
}

.privacywire .privacywire-header {
    font-weight: 700
}

.show-banner .privacywire.privacywire-banner,
.show-message .privacywire.privacywire-message,
.show-options .privacywire.privacywire-options {
    bottom: 0;
    opacity: 1;
    transition: bottom .3s ease, opacity .3s ease
}

.privacywire button[hidden],
[data-ask-consent-rendered="1"],
div.privacywire-ask-consent-blueprint {
    display: none
}

You could do the following:

1. Uncheck the config checkbox "Add basic CSS Styling":

grafik.png.a35fcb159fae0b193a4918cffc22b8a8.png
2. Add the styles to your own stylesheet.

  • Like 4
Link to comment
Share on other sites

Nice work!

Question:

I'm finding myself in need of many changes in the banner template, so I had to hook-replace the module's 'render' method.

Would be useful to isolate the path retrieving code in separate hookable functions? Like this:

    /**
     * checks for a banner template alternate path
     * @return string   the path of the banner template file
     */
    public function ___getBannerTemplate()
    {
        return $this->wire('config')->paths->$this . 'PrivacyWireBanner.php';
    }

    /**
     * checks for a javascript file alternate path
     * @return string   the path of the banner template file
     */
    public function ___getJsFile()
    {
        return ($this->add_basic_css_styling) ? $this->wire('config')->urls->$this . "js/PrivacyWire.js" : $this->wire('config')->urls->$this . "js/PrivacyWireUnstyled.js";
    }

Then, I could use it (I am using it, actually) like this (in /site/ready.php):


// my front pages are all extending a FrontPage class
// see https://processwire.com/blog/posts/pw-3.0.152/#new-ability-to-specify-custom-page-classes
if (page() instanceof FrontPage) {

    $wire->addHookAfter('PrivacyWire::getBannerTemplate', function ($event) {
        $event->replace = true;
        $default_path = $event->return;
        $filename = pathinfo($default_path, PATHINFO_BASENAME);
        // my override is in /site/templates/modules/PrivacyWire/PrivacyWireBanner.php
        $override_path = paths()->templates.'modules/PrivacyWire/'.$filename;
        $event->return = is_readable($override_path) ? $override_path : $default_path;
    });

}

 

Or even simpler (for me 😂), those could be two new config keys, like 'alternateBannerTemplate' and 'alternateJsFile'.

 

This would also cover the case of needing to change the header tag, so it could be dropped (just a thought, don't hit me in the head, you valiant head tag config defenders 😁).

Edited by The G
Corrected embarassing code blooper
  • Like 1
Link to comment
Share on other sites

@The G Your wish is my command 😅

I just added another config option for an alternative banner template file! In addition (to be even more flexible 😄 ) I included your idea of the hookable methods for banner template and js file.

grafik.thumb.png.deb17e56c5937565eb3a2b72a180b36c.png

/**
* checks for a alternate banner template path
* @return string   the path of the banner template file
**/
public function ___getBannerTemplateFile()
{
	return (!empty($this->alternate_banner_template) && file_exists($this->wire('config')->paths->root . $this->alternate_banner_template)) ? $this->wire('config')->paths->root . $this->alternate_banner_template : $this->wire('config')->paths->$this . 'PrivacyWireBanner.php';
}

So now you have to decide whether you prefer to hook or configurate 😄

--> 0.3.3 <--

  • Like 4
  • Thanks 2
Link to comment
Share on other sites

So, excited to use the updated version as I was, there was no time for RTFM - even if there was clearly written

without leading slash

, I merrily entered

/site/templates/modules/PrivacyWire/PrivacyWireBanner.php

and BANG!, ProcessWire shouted at me for wanting to use a not allowed path (because of the resulting double slash). I'm still trembling!

Since it breaks so hard, I'm wondering if the input could be somehow forced to loose the leading slashes forgotten by irresponsible people like yours truly. Sadly, I'm not well versed (yet!) in module configuration input validation/modification.

Or at least, write "without leading slash" in bold letters 😅

  • Like 1
Link to comment
Share on other sites

Hey @joshua! Would you consider making this module installable via Composer?

Technically this just requires a) adding a composer.json file where you specify project name, type ("pw-module"), and a dependency for installer plugin (preferably wireframe-framework/processwire-composer-installer), b) adding the project to packagist.org, and c) (optional, but recommended) setting up a webhook between GitHub and Packagist so that new releases become automatically available at Packagist (or giving Packagist the permission to handle this step).

Here's an example composer.json from ProcessRedirects: https://github.com/apeisa/ProcessRedirects/blob/master/composer.json.

Thanks in advance for considering this 🙂

  • Like 3
Link to comment
Share on other sites

  • 4 weeks later...

Hello all.

I decided to try PrivacyWire as had a request for one of my friends websites. So I proceeded to install and configure the module as needed, however I am stuck at how would the cookie consent appear on Home page (banner is not showing automatically). Can someone point me what am I missing as I checked 3 times the configs and did not find a markup to insert or a template to point to in the admin?

Link to comment
Share on other sites

Hello @wbmnfktr

I shall stop coding during late hours of the night. You were absolutely right that during my initial tests on localhost, I've slipped to close properly the body tag and that was causing the issue.

Thank you very much for the spotting and sharing what was obvious. It is all showing properly now, so I only would style it to fit the frontend.

  • Like 1
Link to comment
Share on other sites

Hi @joshua

i tried to have an iframe only be shown if consent is given.
This is my code:

<div data-category='external_media' data-ask-consent='0'>
	<div class='video_content' >";
		<iframe src='https://www.youtube-nocookie.com/embed/XXXXXXXXXX?enablejsapi=1' width='640' height='390' frameborder='0'></iframe>
	</div>
</div>

If consent for external_media is not given, the module asks you to give consent. „To load this element, it is required to consent to the following cookie category: External Media.“ 
But if consent is given, it does not show the div.video_content or the iframe. I tested to have some plaintext instead of the iframe and it works.

So this works:

<div data-category='external_media' data-ask-consent='0'>
	<div class='video_content' >
		<p>hello world!</p>
	</div>
</div>

And it looks like as if  0 or 1 for data-ask-consent does not make any difference.

UPDATE:
my fault, this works!
 

<div class='video_content' >";
	<iframe src='' data-src='https://www.youtube-nocookie.com/embed/XXXXXXXXXX?enablejsapi=1' data-category='external_media' data-ask-consent='0' width='640' height='390' frameborder='0'></iframe>
</div>

 

Edited by ngrmm
solved
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Similar Content

    • By Marco Ro
      Hi guys!
      I'm a bit anxious because this is the first module I present! (beta modulo) But I will finally be able to share something with the community too! :)
      This is a BETA version of the PayPal payment system called: PayPal Commerce Platform.
      It is an advanced system (Business Pro account is needed) that brings various benefits in terms of fees and above all integrates direct payment with credit/debit cards. 
      The module integrates with Padloper 0.0.2, which is the current installation I'm using.
      This system integrates the classic PayPal buy button, the alternative or local payment method and the new payment system: credit/debit cards that doesn't go through the PayPal account. It is a Stripe-style payment, it connects directly with the bank and integrates 3D security validation.
      I say that it is a BETA because this module currently only works with Sandbox account, to put it live you need to change API url manually (manually for the moment).
      Because this module is not ready for live:
      I would like to have your opinion on how I built the module (is the first one I do). I don't want to share something that is not fish but I need a comparison with someone more experienced than me, for be sure that this is the best way to code the module.
      If you want to try this I created a git, you will find all the instructions for installation and correct operation. (Git has a MIT licensed)
      https://github.com/MarcooRo/processwire-PayPal-Commerce-Platform I hope I did something that you guys can like :)
    • By monollonom
      (once again I was surprised to see a work of mine pop up in the newsletter, this time without even listing the module on PW modules website 😅. Thx @teppo !)
      FieldtypeQRCode
      Github: https://github.com/romaincazier/FieldtypeQRCode
      Modules directory: https://processwire.com/modules/fieldtype-qrcode/
      A simple fieldtype generating a QR Code from the public URL of the page, and more.
      Using the PHP library QR Code Generator by Kazuhiko Arase.

      Options
      In the field’s Details tab you can change between .gif or .svg formats. If you select .svg you will have the option to directly output the markup instead of a base64 image. SVG is the default.
      You can also change what is used to generate the QR code and even have several sources. The accepted sources (separated by a comma) are: httpUrl, editUrl, or the name of any text/URL/file/image field.
      If LanguageSupport is installed the compatible sources (httpUrl, text field, ...) will return as many QR codes as there are languages. Note however that when outputting on the front-end, only the languages visible to the user will be generated.
      Formatting
      Unformatted value
      When using $page->getUnformatted("qrcode_field") it returns an array with the following structure:
      [ [ "label" => string, // label used in the admin "qr" => string, // the qrcode image "source" => string, // the source, as defined in the configuration "text" => string // and the text used to generate the qrcode ], ... ] Formatted value
      The formatted value is an <img>/<svg> (or several right next to each other). There is no other markup.
      Should you need the same markup as in the admin you could use:
      $field = $fields->get("qrcode_field"); $field->type->markupValue($page, $field, $page->getUnformatted("qrcode_field")); But it’s a bit cumbersome, plus you need to import the FieldtypeQRCode's css/js. Best is to make your own markup using the unformatted value.
      Static QR code generator
      You can call FieldtypeQRCode::generateQRCode to generate any QR code you want. Its arguments are:
      string $text bool $svg Generate the QR code as svg instead of gif ? (default=true) bool $markup If svg, output its markup instead of a base64 ? (default=false) Hooks
      Please have a look at the source code for more details about the hookable functions.
      Examples
      $wire->addHookAfter("FieldtypeQRCode::getQRText", function($event) { $page = $event->arguments("page"); $event->return = $page->title; // or could be: $event->return = "Your custom text"; }) $wire->addHookAfter("FieldtypeQRCode::generateQRCodes", function($event) { $qrcodes = $event->return; // keep everything except the QR codes generated from editUrl foreach($qrcodes as $key => &$qrcode) { if($qrcode["source"] === "editUrl") { unset($qrcodes[$key]); } } unset($qrcode); $event->return = $qrcodes; })
    • By Sebi
      AppApiFile adds the /file endpoint to the AppApi routes definition. Makes it possible to query files via the api. 
      This module relies on the base module AppApi, which must be installed before AppApiFile can do its work.
      Features
      You can access all files that are uploaded at any ProcessWire page. Call api/file/route/in/pagetree?file=test.jpg to access a page via its route in the page tree. Alternatively you can call api/file/4242?file=test.jpg (e.g.,) to access a page by its id. The module will make sure that the page is accessible by the active user.
      The GET-param "file" defines the basename of the file which you want to get.
      The following GET-params (optional) can be used to manipulate an image:
      width height maxwidth maxheight cropX cropY Use GET-Param format=base64 to receive the file in base64 format.
    • By MarkE
      This fieldtype and inputfield bundle was built for storing measurement values within a field, rendering them in a variety of formats and converting them to other units or otherwise modifying them via the API.
      The API consists of a number of predefined functions, some of which include...
      render() for rendering the measurement object, valueAs() for converting the value to another unit value, convertTo() for converting the whole measurement object to different units, and add() and subtract() for for modifying the stored value by the value (converted as required) in another measurement. In the admin the inputfield includes a checkbox (which can be optionally disabled) for converting values on page save. For an example if a value was typed in as centimeters, the unit was changed to metres, and the page saved with this checkbox selected, said value would be automatically converted so that e.g. 170 cm becomes 1.7 m.

      A simple length field using Fieldtype Measurement and Inputfield Measurement.
      Combination units (e.g. feet and inches) are also supported.
      Please note that this module is 'proof of concept' at the moment - there are limited units available and quite a lot of code tidying to do. More units will be added shortly.
      See the GitHub at https://github.com/MetaTunes/FieldtypeMeasurement for full details and updates.
    • By tcnet
      File Manager for ProcessWire is a module to manager files and folders from the CMS backend. It supports creating, deleting, renaming, packing, unpacking, uploading, downloading and editing of files and folders. The integrated code editor ACE supports highlighting of all common programming languages.
      https://github.com/techcnet/ProcessFileManager

      Warning
      This module is probably the most powerful module. You might destroy your processwire installation if you don't exactly know what you doing. Be careful and use it at your own risk!
      ACE code editor
      This module uses ACE code editor available from: https://github.com/ajaxorg/ace

      Dragscroll
      This module uses the JavaScript dragscroll available from: http://github.com/asvd/dragscroll. Dragscroll adds the ability to drag the table horizontally with the mouse pointer.
      PHP File Manager
      This module uses a modified version of PHP File Manager available from: https://github.com/alexantr/filemanager
       
×
×
  • Create New...