An add-on to provide a full-featured cookie consent solution for your site. It's mainly target to the recent European Cookie Law but can be used anywhere if you care about user's privacy.
Table of contents
How it works
This add-on gives two kind of different features:
- A cookie consent confirmation banner, which should link (but it's not required) the user to a Privacy Policy.
- An opt-out dashboard for accept/reject single cookies
This add-on is also compatible with internationalized sites (LinguaPlone supported).
Cookie consent banner
This is provided using a slightly modified version of the Silktide Cookie Consent JavaScript plugin
Apart some accessibility enhancement (see here, here, here and here) it's content and behavior can be customized by a control panel.
Opt-out dashboard
Additionally an opt-out dashboard (a view callable as /@@optout-dashboard) is available to restricts 3rd-party cookies.
The dashboard composition can be configured by the control panel, but is above che scope of this add-on to manage how those cookies are processed. Third-party party add-ons must take care of this.
A cookie is always in the form NAME-optout and can have a value equals to true or false.
Know add-ons which support opt-out cookies
Here follow a list of common add-ons that can be used with opt-out cookies:
- sc.social.like (version >= 2.3) - server side
- A cookie named
social-optoutvalued totruewill automatically activate the "Do not track users" option for the current user. - collective.analyticspanel (version >= 0.5.0) - server side
- If properly configure, a cookie named
analytics-optoutvalued totruewill not load the analytics code. Although the add-on works server side, you are free to provide an analytics code that conditionally load when this cookie is present working totally on client side. - Products.Maps (version >= 0.4) - client side
- If a cookie named
maps-optoutis provided valued totruethe Google map is not directly displayed in the page. - redturtle.video (version >= 1.2.0) - server side
- Not directly RedTurtle Video, but extensions like collective.rtvideo.youtube (>=0.4.0)
and collective.rtvideo.vimeo (>=0.3.0) will not display the video directly if a
video-optoutcookie valuedtrueis provided
Configuration
Add-on configuration can be reached from the "Cookie consent configuration" entry in the Plone control panel.
Cookie consent banner
In the banner configuration you can:
- activate an auto-grant-on-click feature. With this every click on whatever link in the site is interpreted as accepting the Privacy Policy
- Customizing the banner text for every language used in the site (not required if your site use a single language).
The banner text will normally contains a link to the Privacy Policy.
Opt-out dashboard
The opt-out dashboard configuration is only needed if you are using 3rd party add-ons or external software that handle opt-out cookies.
Configuring this panel will select which cookies must the available to the user's preferences.
You must provide:
- an application id
- a list of one or more prefix, used for build cookies name
- a title and description for describing to users how this opt-out works if activated. Again: you can provide a description for every involed language
Issues/Troubleshooting
Varnish
TODO
Control panel
TODO
HttpOnly
TODO
JavaScript
TODO: separate cookieconsent library from custom javascript for better upgrade TODO: remove collective.jsconfiguration dependency moving custom config to a viewlet
Credits
Developed with the support of Regione Emilia Romagna; Regione Emilia Romagna supports the PloneGov initiative.
Authors
This product was developed by RedTurtle Technology team.
