Module: NoCoWoCo - No Cookie Without Consent

[cwsoft]

Just working on a new module for a customer who is concerned about the wire frontend cookie set w/o prior consent by the user. The customer uses frontend forms which require session cookies (wire) e.g. for CSRF checks, input validation, failed attempt restrictions etc. So he wanted to show a cookie dialogue asking for consent for technical required cookies, even if this is not 100% required by the DSGVO. First used a modified PrivacyCookie module to achieve this, before I went to create a minimalistic module myself.

My module hooks before page::render and adds a cookie consent dialogue which asks for consent for technical required cookies and shows an Accept/Decline button and links to imprint and privacy policy sites. My module also hooks into $config->sessionAllow and sets it to true if user gave consent, requested a backend page or a wire session already exists. This way wire cookie is only created in frontend if user gave consent.

On the form page of my customers site the display and processing of the frontend form is wrapped in a $session->hasCookie() block to execute only after user gave consent. Without consent a message is shown that using the form requires cookies.

By default the consent cookie is stored for 7 days if accepted, so the cookie dialogue won‘t show up on next visit unless user cleared cache. If user declined, the consent cookie expires after the browser session so the cookie banner pops up again on next browser session.

So who may be using this module? Clients only using technical required cookies by default (no google fonts, youtube etc.) maybe with an optional frontend form, which are still afraid or simply want to have a cookie consent dialogue before the PW wire frontend cookie gets created.

Will do some more tests and polishing, before uploading the module to my Github repository.

 

 

[cwsoft]

After some more tests and polishing, the first version of my new site module NoCoWoCo - No Cookie Without Consent was released on my Github profile. The cookie consent dialogue will need some more love (like fade in/out CSS animations, darken background, maybe make it modal). A future version may add configurations for the links to the imprint and privacy policy pages (if exists), but this can easily be set in the module template file for now, so I don't know if it´s worse but we will see.

Feedback welcome but not required of course. Have fun.

[cwsoft]

Dear all,

just released v0.0.2 of my No Cookies Without Consent module.

I basically added my Typescript and SASS source files and config files so other users can modify the minified Javascript/CSS code more easily themselves. Using Windows 10 and VS Code as my PW dev environment.

The NPM modules used (typescript, sass, esbuild) can easily be installed as dev-dependencies via npm run install inside the module folder. Apart from that some code refactoring to avoid flickering of cookie consent on page reloads and some code clean up. I set the target of the transpiled JS file to es6 for better browser support (before it was set to ESNext).

Have fun

P.S.: The Github release section contains a ZIP-file containing just the ProcessWire module files without the DEV stuff included. The attached ZIP-file is the preferred installation option for end users, while cloning the git repo is the preferred option for devs wanting to adapt/modify the module code. 

[cwsoft]

Dear all,

just to let you know. I uploaded my module NoCookieWithoutConsent to the ProcessWire modules directory: https://processwire.com/modules/no-cookie-without-consent/.
Please note: Module needs to pass the official approval before it will show up in the modules directory for others too.

Cheers cwsoft

[cwsoft]

Yeah, my module was approved and is now listed in the ProcessWire module catalog https://processwire.com/modules/no-cookie-without-consent/. Thanks to all and have fun.

[cwsoft]

Dear all,

just released version 1.0.1 of my ProcessWire site module NoCookieWithoutConsent on the ProcessWire module repository.

Added the option to specify URL segments for the optional imprint and privacy policy page via the module configuration in the backend. If the URL segments are set, the link to the specified page will be shown in the footer of the cookie consent dialogue. If no URL segments are specified, no links are shown at all (default).

As the module runs without issues on some client sides already, I pumped the version from v0.0.2 to v1.0.0 (quickly followed by v1.0.1 fixing an overseen hardcoded URL).

Have fun.