14136f6592
Implements cookie consent using vanilla-cookieconsent v3 to comply with
GDPR requirements. Analytics scripts are blocked until user consent is
obtained.
## Changes
**Library Integration**
- Added `vanilla-cookieconsent@3.1.0` to `_config.yml` third-party
libraries with SRI hashes
- Created `_scripts/cookie-consent-setup.js` with consent modal and
settings configuration
- Added CSS/JS includes in `_includes/head.liquid` and
`_includes/scripts.liquid`
**Analytics Blocking**
- Modified analytics scripts in `scripts.liquid` and
`distill_scripts.liquid` to use conditional `type="text/plain"
data-category="analytics"` when consent is disabled
- Blocks Google Analytics, Cronitor, Pirsch, and OpenPanel until consent
granted
- Library automatically converts blocked scripts to executable on user
acceptance
**Configuration**
- Added `enable_cookie_consent` flag (default: `false`)
- Cookie categories: `necessary` (always on), `analytics` (optional)
- 182-day cookie expiration, auto-clear on rejection
## Implementation
```liquid
{% if site.enable_cookie_consent %}
<script type="text/plain" data-category="analytics" async src="...gtag.js"></script>
{% else %}
<script async src="...gtag.js"></script>
{% endif %}
```
Enable in `_config.yml`:
```yaml
enable_cookie_consent: true
```
## Screenshots
**Consent Modal**
**Settings Modal**
> [!WARNING]
>
> <details>
> <summary>Firewall rules blocked me from connecting to one or more
addresses (expand for details)</summary>
>
> #### I tried to connect to the following addresses, but was blocked by
firewall rules:
>
> - `cdn.jsdelivr.net`
> - Triggering command: `/usr/bin/curl curl -s REDACTED` (dns block)
> - `cookieconsent.orestbida.com`
> - Triggering command:
`/home/REDACTED/work/_temp/ghcca-node/node/bin/node
/home/REDACTED/work/_temp/ghcca-node/node/bin/node --enable-source-maps
/home/REDACTED/work/_temp/copilot-developer-action-main/dist/index.js`
(dns block)
> - `medium.com`
> - Triggering command: `/usr/local/bin/ruby ruby
/usr/local/bundle/bin/bundle exec jekyll serve --watch --port=8080
--host=0.0.0.0 --livereload --verbose --trace --force_polling s
6_64-linux /etc/locale.gen by/backward -binutils_2.44-3grep .deb eb
/systemd-sysctl` (dns block)
> - `publish.twitter.com`
> - Triggering command: `/usr/local/bin/ruby ruby
/usr/local/bundle/bin/bundle exec jekyll serve --watch --port=8080
--host=0.0.0.0 --livereload --verbose --trace --force_polling lude
lude/ruby-4.0.0//run/containerd/io.containerd.runtime.v2.task/moby/a4760212ce4eda97e32b6dfa4d3ea/usr/sbin/iptables
r/runc-log.json f8_range lude r-strong E r/wc7in709a54d7hshow` (dns
block)
>
> If you need me to access, download, or install something from one of
these locations, you can either:
>
> - Configure [Actions setup
steps](https://gh.io/copilot/actions-setup-steps) to set up my
environment, which run before the firewall is enabled
> - Add the appropriate URLs or hosts to the custom allowlist in this
repository's [Copilot coding agent
settings](https://github.com/alshedivat/al-folio/settings/copilot/coding_agent)
(admins only)
>
> </details>
<!-- START COPILOT ORIGINAL PROMPT -->
<details>
<summary>Original prompt</summary>
>
> ----
>
> *This section details on the original issue you should resolve*
>
> <issue_title>GDPR compliant cookie consent dialog</issue_title>
> <issue_description>Hi,
>
> since I am from Europe and want my site to be accessed by EU citizens
I need to ask users if they are ok with the use of cookies. Adding a
dialogue by default that that asks the user before any cookies /
localStorage are used would be nice.
>
> I have integrated the dialog from
[https://www.cookieconsent.com/](https://www.cookieconsent.com/) on [my
website](http://hschwane.github.io) and am happy to file a PR if you are
interested. However It is not shown directly at the top, but below the
menu bar for some reason. Not sure how to fix that.
> </issue_description>
>
> <agent_instructions>Implement this using cookie consent dialog from
https://github.com/orestbida/cookieconsent. The documentation is
available at
https://cookieconsent.orestbida.com/essential/getting-started.html.</agent_instructions>
>
> ## Comments on the Issue (you are @copilot in this section)
>
> <comments>
> <comment_new><author>@alshedivat</author><body>
> @hschwane, thanks for pointing this out. It's would be great if you
could send a PR.
>
> To answer your question about positioning, the menu bar has the
absolute position at the top of the page and keeps moving with
scrolling. You can change that behavior in `_config.yml` by setting
`navbar_fixed: false` (see [line
27](https://github.com/alshedivat/al-folio/blob/master/_config.yml#L27)).
If you send a PR with basic functionality, I can help with adjusting the
styles a bit. Thanks!</body></comment_new>
> <comment_new><author>@alshedivat</author><body>
> Just catching up on this discussion.
>
> @hschwane, thanks for providing an implementation based on
`ihavecookies`! I looked through alshedivat/al-folio#223. It seems like
to be able to correctly (un)block different types of cookies (all of
which are third-party cookies) requires adding quite a bit of extra
JavaScript (including adding it directly to posts or pages in some
cases, e.g., when posts embed youtube videos or other external content).
This approach will put some extra burden on contributors and maintainers
of al-folio down the line.
>
> By the way, the dialog from https://www.cookieconsent.com/ is similar
in that sense as it requires to manually add ALL scripts that use
cookies. So, if someone contributes a new feature to al-folio that uses
cookies, the contributor would have to go and update the cookie consent
dialog as well (or edit quite a bit of JS if `ihavecookies` is used).
>
> Thinking about this more, I currently see only three options:
> 1. If we want to have cookie consent as a core part of al-folio (which
can be easily enabled or disabled), it needs to be a service that
automatically identifies and blocks cookies, without putting an extra
burden on the contributors or maintainers. The hosted version of [Cookie
Consent by Osano](https://www.osano.com/features/consent-management) is
an example.
> 2. Another option is to provide a very minimalistic cookie consent
dialog which simply says that the website uses cookies, without an
option to opt-in or opt-out (e.g., see the open-source edition of
[Osano](https://www.osano.com/cookieconsent/download/)).
> 3. Finally, not have cookie consent as part of al-folio, and make the
user responsible for figuring out whether they need a consent dialog and
which service to use.
>
> Let me know what you think.</body></comment_new>
> <comment_new><author>@alshedivat</author><body>
> the best way to add GDPR compliant cookie consent is using
https://github.com/orestbida/cookieconsent</body></comment_new>
> </comments>
>
</details>
> **Custom agent used: customization_agent**
> Expert customization assistant for the al-folio Jekyll academic
website template
<!-- START COPILOT CODING AGENT SUFFIX -->
- Fixes alshedivat/al-folio#199
<!-- START COPILOT CODING AGENT TIPS -->
---
✨ Let Copilot coding agent [set things up for
you](https://github.com/alshedivat/al-folio/issues/new?title=✨+Set+up+Copilot+instructions&body=Configure%20instructions%20for%20this%20repository%20as%20documented%20in%20%5BBest%20practices%20for%20Copilot%20coding%20agent%20in%20your%20repository%5D%28https://gh.io/copilot-coding-agent-tips%29%2E%0A%0A%3COnboard%20this%20repo%3E&assignees=copilot)
— coding agent works faster and does higher quality work when set up for
your repo.
---------
Signed-off-by: George Araújo <george.gcac@gmail.com>
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: george-gca <31376482+george-gca@users.noreply.github.com>
Co-authored-by: George Araújo <george.gcac@gmail.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
161 lines
5.4 KiB
JavaScript
161 lines
5.4 KiB
JavaScript
---
|
|
permalink: /assets/js/cookie-consent-setup.js
|
|
---
|
|
/**
|
|
* Cookie Consent Configuration
|
|
* Documentation: https://cookieconsent.orestbida.com/
|
|
*
|
|
* GDPR-Compliant Approach:
|
|
* - Analytics scripts use type="text/plain" data-category="analytics"
|
|
* - The library blocks all marked scripts until user consents
|
|
* - Scripts NEVER run until explicit consent is given
|
|
* - Google Consent Mode is used for Google Analytics privacy mode before consent
|
|
* - Other analytics (Cronitor, Pirsch, OpenPanel) are blocked until consent given
|
|
*
|
|
* Supported Analytics Providers:
|
|
* - Cronitor RUM
|
|
* - Google Analytics (GA4)
|
|
* - OpenPanel Analytics
|
|
* - Pirsch Analytics
|
|
*/
|
|
|
|
// Initialize Google Consent Mode BEFORE any tracking
|
|
// This tells Google services to operate in privacy mode until user consents
|
|
window.dataLayer = window.dataLayer || [];
|
|
|
|
// Reuse existing global gtag if it was already defined (e.g. by other GA scripts)
|
|
// to avoid redefining it multiple times when consent is granted.
|
|
if (typeof window.gtag !== 'function') {
|
|
window.gtag = function() {
|
|
window.dataLayer.push(arguments);
|
|
};
|
|
}
|
|
|
|
// Local alias for convenience in this file
|
|
var gtag = window.gtag;
|
|
gtag('consent', 'default', {
|
|
'ad_storage': 'denied',
|
|
'analytics_storage': 'denied',
|
|
'functionality_storage': 'denied',
|
|
'personalization_storage': 'denied'
|
|
});
|
|
|
|
// Wait for the library to be available
|
|
var cookieConsentRetryCount = 0;
|
|
var COOKIE_CONSENT_MAX_RETRIES = 50; // 5 seconds max wait time
|
|
|
|
function initializeCookieConsent() {
|
|
// Check if CookieConsent is available
|
|
if (!window.CookieConsent) {
|
|
if (cookieConsentRetryCount++ < COOKIE_CONSENT_MAX_RETRIES) {
|
|
// Library not yet loaded, try again after a short delay
|
|
setTimeout(initializeCookieConsent, 100);
|
|
} else {
|
|
console.error('CookieConsent library failed to load');
|
|
}
|
|
return;
|
|
}
|
|
|
|
window.CookieConsent.run({
|
|
categories: {
|
|
necessary: {
|
|
enabled: true,
|
|
readOnly: true
|
|
},
|
|
analytics: {}
|
|
},
|
|
|
|
language: {
|
|
default: 'en',
|
|
translations: {
|
|
en: {
|
|
consentModal: {
|
|
title: 'We use cookies',
|
|
description: 'This website uses cookies to improve your experience and analyze site traffic. By clicking "Accept all", you consent to our use of cookies.',
|
|
acceptAllBtn: 'Accept all',
|
|
acceptNecessaryBtn: 'Reject all',
|
|
showPreferencesBtn: 'Manage Individual preferences'
|
|
},
|
|
preferencesModal: {
|
|
title: 'Manage cookie preferences',
|
|
acceptAllBtn: 'Accept all',
|
|
acceptNecessaryBtn: 'Reject all',
|
|
savePreferencesBtn: 'Accept current selection',
|
|
closeIconLabel: 'Close modal',
|
|
sections: [
|
|
{
|
|
title: 'Cookie usage',
|
|
description: 'We use cookies to ensure the basic functionalities of the website and to enhance your online experience. You can choose for each category to opt-in/out whenever you want.'
|
|
},
|
|
{
|
|
title: 'Strictly Necessary cookies',
|
|
description: 'These cookies are essential for the proper functioning of the website. Without these cookies, the website would not work properly.',
|
|
linkedCategory: 'necessary'
|
|
},
|
|
{
|
|
title: 'Analytics cookies',
|
|
description: 'These cookies allow us to measure traffic and analyze your behavior to improve our service.',
|
|
linkedCategory: 'analytics'
|
|
},
|
|
{
|
|
title: 'More information',
|
|
description: 'For any queries in relation to our policy on cookies and your choices, please <a class="cc-link" href="{{ site.url }}{{ site.baseurl }}/#contact">contact us</a>.'
|
|
}
|
|
]
|
|
}
|
|
}
|
|
}
|
|
},
|
|
|
|
// Callback when user accepts/rejects consent
|
|
onFirstConsent: function(consentData) {
|
|
updateConsentMode(consentData);
|
|
},
|
|
|
|
// Callback when user changes preferences
|
|
onChange: function(consentData) {
|
|
updateConsentMode(consentData);
|
|
}
|
|
});
|
|
|
|
/**
|
|
* Update Google Consent Mode based on user preferences
|
|
* This ensures Google services respect user choices
|
|
*/
|
|
function updateConsentMode(consentData) {
|
|
// Handle both callback data structures
|
|
var categories = consentData.categories || consentData;
|
|
|
|
// Ensure categories is an object
|
|
if (!categories || typeof categories !== 'object') {
|
|
console.warn('Invalid consent data structure:', consentData);
|
|
return;
|
|
}
|
|
|
|
gtag('consent', 'update', {
|
|
'analytics_storage': categories.analytics ? 'granted' : 'denied',
|
|
'ad_storage': 'denied',
|
|
'functionality_storage': 'denied',
|
|
'personalization_storage': 'denied'
|
|
});
|
|
|
|
if (categories.analytics) {
|
|
console.debug('✓ Analytics consent granted - tracking enabled for all providers');
|
|
// Analytics scripts with data-category="analytics" will automatically run
|
|
// when the library re-evaluates them after this consent update
|
|
} else {
|
|
console.debug('✗ Analytics consent denied - no tracking data collected');
|
|
// Analytics scripts are already blocked by the library (type="text/plain")
|
|
// No tracking will occur for:
|
|
// - Cronitor RUM
|
|
// - Google Analytics (GA4)
|
|
// - OpenPanel Analytics
|
|
// - Pirsch Analytics
|
|
}
|
|
}
|
|
}
|
|
|
|
// Initialize when the library is available
|
|
initializeCookieConsent();
|
|
|