Jump to content

Processwire Frontend Cookie Wire


cwsoft
 Share

Recommended Posts

Hello all,

is there a way to prevent the creation of the Processwire frontend Cookie wire until the user has confirmed/opt-in to allow technical required Cookies? Not too sure, if the wire Cookie is technical really required for PW to do it‘s job (show frontend stuff, remember layout etc.). In Germany it‘s still a bit fuzzy, what technical required means to a lawyer. So ideally there shouldn‘t be set any Cookie without opt-in by the frontend user, unless it is really technical required. 

Can anybody shine some light on this aspect? For what is the wire Cookie used in the frontend layer, or in other words technical required by the PW frontend? What parts - except admin/backend - of PW wouldn‘t work without that cookie?

Looking forward for some hints on that topic.

Link to comment
Share on other sites

@flydevThanks a lot. Exactly what I searched for. Will try to play around with those settings. Regarding lawyers. Interesting post, but stuff may differ in Germany. The lawyer of the company I am working for has a completely different view of what Cookies are technical required and what Cookies are not ?

Cheers.

  • Like 1
Link to comment
Share on other sites

@zx80 Check out the $sessionAllow options in the config.php file.  The outline config.php in the wire/ directory documents all the options and outlines how to turn off guest-based session cookies using a callable. This isn't exactly what you asked about but might be a starting point.  I use this method to create a cookie-free public interface on the site I posted about the contact form before. No cookie banner because there are no cookies at all unless you are an admin and know where the admin interface is.

  • Like 1
Link to comment
Share on other sites

@netcarverThanks for your reply. Will most likely deactivate Cookies in frontend, unless you are in admin/backend, or the user checked the confirmation in the frontend form to use CSRF protection. Most likely in combination with a user consent module asking for permission. Your posts and links helped a lot to understand the background to get things done.

Link to comment
Share on other sites

  • 2 weeks later...

Hi,

have used the site/config.php $config->allowSession handler in combination with the PrivacyWire module to disable frontend cookies unless the user opt-in to accept technical required cookies for a booking form shown on my frontend w/o user login required. The booking form is not displayed and processed until user opt-in. Instead a message is shown that the booking form requires cookies to work. The other pages can be viewed but with the consent form displayed. 

Once the user opt-in, the PW wire cookie is created and the booking form can be used as normal. Don‘t know if that is really necessary, but that way should be ok with the lawyers out there in EU/Germany. 

P.S.: If Url contains backend path, sessions and cookies are enabled by default. Its just disabled for the frontend guest users by default.

  • Like 1
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...