EUROPA websites must follow the Commission's guidelines on privacy and data protection and inform users that cookies are not being used to gather information unnecessarily.
The ePrivacy directive – more specifically Article 5(3) – requires prior informed consent for storage for access to information stored on a user's terminal equipment. In other words, you must ask users if they agree to most cookies and similar technologies (e.g. web beacons, Flash cookies, etc.) before the site starts to use them.
For consent to be valid, it must be informed, specific, freely given and must constitute a real indication of the individual's wishes.
In this context this solution lives.
It simply alters the default document.cookie
behavior to disallow cookies to be written on the client side, until the user accept the agreement.
At the same time it blocks all third-party domains you have configured as cookie generators.
If you find this script useful, and since I've noticed that nobody did this script before of me, I'd like to receive a donation. :)
This Javascript the standalone version. You can find the WordPress version either on GitHub and WordPress Plugins Repository (awaiting approval).
The purpose of EUCookieLaw3 is to grant a simple solution to comply the ePrivacy directive – concerning the cookie consent and General Data Protection Rules (also known as GDPR).
There is an older version of this library named just EUCookieLaw which this one is the direct evolution.
It was developed as new one due the several breaking changes in it.
You can use the online configuration builder that allows you to configure its work in the simplest way.
However, if you are a web developer, and you want to go beyond the configurator and manage by your own the most of the things, here follows the technical documentation.
Note: If you don't use Bootstrap 3 on your site you can look for a theme for EUCookieLaw3.
To let EUCookieLaw to work properly in your web site you must include and initialize it.
<!-- EUCookieLaw 3.0 - BEGIN -->
<script type="text/javascript" src="https://diegolamonica.info/tools/eucookielaw3.min.js"></script>
<script type="text/javascript">
var cookieLaw = new EUCookieLaw();
</script>
<!-- EUCookieLaw 3.0 - END -->
IMPORTANT To ensure that EUCookieLaw3 works properly, include it just after the opening <head>
tag in the HTML like in the example below:
<html>
<head>
<!-- Here you will insert EUCookieLaw3 block -->
<!-- EUCookieLaw 3.0 - BEGIN -->
<script type="text/javascript" src="https://diegolamonica.info/tools/eucookielaw3.min.js"></script>
<script type="text/javascript">
var cookieLaw = new EUCookieLaw();
</script>
<!-- EUCookieLaw 3.0 - END -->
<!-- Then goes the rest of your HTML page -->
<meta charset="utf-8">
<title>My sample header</title>
...
</head>
The initialization method new EUCookieLaw()
expects optionally a settings argument in JSON format.
By default is true
to grant the backcompatibility with previous version of EUCookieLaw3.
If set to false, EUCookieLaw3 will not start to observe the content of the page since the script will invoke the run
method.
Accepts an integer value that defines the number of days before the agreement expires.
According to the Cookie Law, the maximum number of days should be 365 (1 year) but, considering either the GDPR and the Cookie Law, you must clarify which is the maximum period you preserve user data for each treatment.
Default value for this property is 365
This boolean value changes the behavior of the script. Setting it to true
, cookies are enabled by default: it means that
any script is executed on the page is able to store cookie in the client browser.
If it set to false
, cookies are not stored until the user consent.
Note: because cookies are generated server side so, scripts and images and in general any resource stored on an
external server that generates cookies, the unwanted external cookies must be blocked creating a blocking group (see method registerGroup
).
Default value for this property is false
.
Some cookies, defined as techincal cookies can be whitelisted. It means that they are allowed to be installed in the
browser regardless of cookieEnabled
value.
This property accepts an array of cookies with some special rules:
-
If starts with a
.
(dot char), it means that the cookie ends with the word that follows the dot (.lorem
supposes as allowed cookieslorem
,mylorem
andmy_lorem
but disallowloremipsum
). -
If ends with a
.
(dot char), it means that the cookies begins with the word that preceed the dot (lorem.
supposes as allowed cookieslorem
,loremipsum
andlorem_ipsum
but don't acceptmy_lorem
). -
If both starts and ends with a
.
(dot char), all cookies that contains the world into the name (merging both the above rules) -
If no dots is signed both on begin and at the end of the keyword, only the exact name is accepted.
Default value is an empty array.
var cookielaw = new EUCookieLaw({
cookieWhiteList: [
'lorem', /* accepts exactly "lorem" */
'.ipsum', /* accepts either "ipsum" and "my_ipsum" */
'dolor.', /* accepts either "dolor" and "dolor_amet" */
'.sit.' /* accepts "sit", "sith", and "babysitter" */
]
})
Throug this property you can choose how the user will give you the consent.
- On Scroll (value
EUCookieLaw.CHECK_MODE_ON_SCROLL
) will grant the user to scroll the window to give you the consent. Remember that GDPR requires that the user should give the explicit consent and scroll would be considered as implicit consent. However if your site is not subject to GDPR rules, you can choose for this option. - On single (value
EUCookieLaw.CHECK_MODE_IMMEDIATE
) consent In this way just when the user will accept each of the blocked groups, they will be automatically enabled. - On click (value
EUCookieLaw.CHECK_MODE_ON_CLICK
) If user will click in any point of your page the blocked groups will be accepted in bundle. - On consent (value
EUCookieLaw.CHECK_MODE_ON_CONSENT
) This is the most restrictive mode, indeed the user must choose which groups to consent and, only after the confirm button click, the contents on the page will become available.
Default value for this property is EUCookieLaw.CHECK_MODE_IMMEDIATE
.
Accepts a numeric value defined in pixels.
If agreeMethod
is set to EUCookieLaw.CHECK_MODE_ON_SCROLL
this property tells how many pixels the user should scroll
the page before assuming he is giving its consent to install third-party cookies.
If agreeMethod
is any other values than EUCookieLaw.CHECK_MODE_ON_SCROLL
this property is totaly ignored.
Default value for this property is 200
.
By default EUCookieLaw manages by its own those HTML nodes: iframe
, img
, script
replacing the src
attribute if
the specific node should be blocked, and link
replacing the href
attribute if needed.
In the case of iframe
and script
the src
attribute is replaced with about:blank
.
In the case of img
attribute is replaced with a one-trasparent-pixel-data-image.
The structure of each managed item in this structure is the following:
NODE_NAME: {
attr: {
attribute1: 'new-value-1-when-and-if-blocked',
attribute2: 'new-value-2-when-and-if-blocked'
}
}
This property is a special method that opens the user consent dialog. If you are not sure what are you doing, please don't touch it.
It will try to open the consent dialog using JQuery and Bootstrap functions, however if no installed will apply modal-open
class to the body
and
modal-open
class to the EUCookieLaw3 HTML node.
The method accepts as input just one argument that is the consent dialog HTML node.
openCallback = function(dialog) {
/*
* do what you want to show consent dialog
*/
}
Note: for further informations about library dependency see the Dependencies Section.
dialogCookieGroupsListHiddenClass
With this property you can set which class should be applied to the dialog group list when it is hidden.
Default value for this property is hidden
.
dialogCookieGroupsListDefaultIsHidden
This property accepts a boolean value.
You can choose if the list of cookies in the dialog would be visible or not by default.
Default value for this property is true
.
Through this property you can set the name of the class for the single group that the user has consented.
Default value for this property is approved
.
Through this property you can set the name of the class for the single group that the user has rejected.
Default value for this property is rejected
.
DO NOT USE/TOUCH/PASS Reserved for future implementations.
Invoking it will make EUCookieLaw3 able to observe the page changes.
This method allows you to add specific cookie to the whitelist according to the cookieWhiteList
rules.
This method allows you to set the agreeMethod
.
Through this method you can create an informative consent group.
-
id
must be unique for a group and can be either a string or a number. It's suggested to use a cohomprensive group identifier and never change it once the website goes live.
NOTE: If sameid
is given for two different groups only the defined first is used. -
name
is the human readable version of the groupId, it's merely descriptive and should be short (eg. Facebook Social Widget) -
description
is the full explained version of the name. -
enabledByDefault
is a boolean value that allow to set as enabled the treatment when the user reach the site for the first time.
This method works in bundle with registerURL
method.
Register a new blocking rule.
-
groupId
the string that refers to a group idenytified by thegroupId
. If thegroupId
does not exists then will be created a group which bothid
andname
will be the same. -
URL
can be either a sting or array of strings.
Each given string must comply to those assertions:-
The given string is the beginning of the URL (eg.
https://www.example.com/
), files and subdirectories are considered as matched (ok:https://www.example.com/lorem.html
, ok:https://www.example.com/lorem/ipsum.html
, ignored:https://api.example.com
) -
If starts with a
.
(dot char), it means that the the rule will consider both the current domain and any subdomain (example:.example.com
will recognizewww.example.com
,api.example.com
andcdn1.api.example.com
).
-
Enable watching on specific node type in the page.
nodeName
is the HTML name of the node ( eg.meta
)attributes
are the list of attributes to watch in a key/pair format where the key is the name of the attribute to take under control and the value is the value to apply if the attribute contains a keyword from a blocking group.contentManagement
is an object with 2 attributes:removeContent
accepts boolean value. Iftrue
and one of the attributes match the given rule, the inner HTML of the element will be removed until the user give his consent for the specific treatment.
Thinking with the GDPR point of view, this option can be usefull for HTML forms that requires user consent the specific treatment before filling a form.lookupInnerText
accepts boolean value. Iftrue
checks if the text into the element contains the specific keyword defined in the blocking group.
In this example we see how to block a form prior the consent of the user
Assuming the HTML contains a form with class contact-form
<form id="my-special-contact-form" class="contact-form">
<label for="#your-email-field">Email address:</label>
<input type="email" id="your-email-field" name="email_address" placeholder="[email protected]" />
<button type="submit">Register now</button>
</form>
You should register a new group in which you will define the rule for the attribute class
of FORM
element and mark
the content to be removed until the user don't give his consent.
var cookieLaw = new EUCookieLaw();
cookieLaw.registerGroup(
'dem',
'Direct Email Marketing',
'You will consent to send you email marketing giving us your email address'
);
cookieLaw.registerURL( 'dem', ['contact-form'] );
cookieLaw.handleNode( 'FORM',
{ id: 'contact-form-removed', class: 'removed' },
{ removeContent: true, lookupContent: false }
);
Executes a change for one of the dialog property. This method must be called, if needed, before the user dialog is shown because it
id
is the unique identifier of each part of the modal. In the table below you can find the several identifiers.
id | Available Properties | Purpose |
---|---|---|
dialog-container |
html |
HTML Template for this part |
classes |
Classes (in the space-separated format) to be applied to the dialog container | |
dialog |
html |
HTML Template for this part |
classes |
Classes (in the space-separated format) to be applied to the dialog | |
dialog-content |
html |
HTML Template for this part |
classes |
Classes (in the space-separated format) to be applied to the dialog content | |
header-container |
html |
HTML Template for this part |
titleTag |
Tag name for the title (default value is strong ) |
|
content |
HTML inside the title element (default is Cookie Policy agreement ) |
|
classes |
Classes (in the space-separated format) to be applied to the header container | |
body-container |
html |
HTML Template for this part |
classes |
Classes (in the space-separated format) to be applied to the body container | |
body-text-content |
html |
HTML Template for this part |
classes |
Classes (in the space-separated format) to be applied to the body text container | |
content |
HTML inside the modal body element (default is This site uses cookies ) |
|
body-button-container |
html |
HTML Template for this part |
classes |
Classes (in the space-separated format) to be applied to the body button container | |
review-button |
html |
HTML Template for this part |
content |
HTML inside the review consent button (default is Review consents ) |
|
classes |
Classes (in the space-separated format) to be applied to the review button item | |
cookie-group-list |
html |
HTML Template for this part |
classes |
Classes (in the space-separated format) to be applied to the cookie group list | |
cookie-group-list-item |
html |
HTML Template for this part |
classes |
Classes (in the space-separated format) to be applied to each cookie group list item | |
button-container |
html |
HTML Template for this part |
classes |
Classes (in the space-separated format) to be applied to the button container | |
close-button |
content |
HTML inside the close button. Default value is close |
classes |
Classes (in the space-separated format) to be applied to the close button | |
footer-container |
html |
HTML Template for this part |
cookieLaw.updateDialogProperty("review-button", "classes" ,"hidden");
Shows the user consent dialog. Using this method you can create a special link on a page which opens the dialog again to allow users to reconsider their choiches.
<a href="#" onclick="cookieLaw.showAlert();"
class="btn btn-primary">Change your choices</a>
For them who want to manage the consent recording EUCookieLaw has a special callback method invoked on group consent and
rejection. This method must be global in the page and its name must be userConsentCallback
.
It expects 3 arguments:
groupName
the identifier of the group the user gave the consent.agreement
the status of the consent (ok
for consent,ko
for rejection)when
date time string in ISO format.
EUCookiealw stores a special key in LocalStorage
named eucookielaw-client-signature
.
It is a GUID number generated as a random complex value.
You all those values together to create a special consent record.
In the code below there is a simple example:
window.userConsentCallback = function ( groupName, agreement, when ) {
var guid = localStorage.getItem('eucookielaw-client-signature');
$.ajax({
url: 'register-consent.php',
method: 'post',
data: {
name: groupName,
status: agreement,
when: when,
guid: guid
}
});
};
The remote registe-consent.php
will receive in POST the data. Follows a simple example:
<?php
session_start();
if(!isset($_SESSION['consents'])){
$_SESSION['consents'] = json_encode([]);
}
$consents = json_decode($_SESSION['consents']);
$consents[] = $_POST;
$_SESSION['consents'] = json_encode($consents);
die('ok');
This library is totally dependency-free. No framework is required, however it works well with jQuery (just if on the page) and with BootStrap 3.3 (of which the modal window classes are used). However there is a repository where all Frontend developers can contribute creating their own style.
Again, if you find this script useful, and since I've noticed that nobody did this script before of me, or simply if you want to show your support, a donation is really apreciated. :)