EUROPA websites must follow the Commission's guidelines on privacy and data protection and inform users that cookies are not being used to gather information unnecessarily.
The ePrivacy directive – more specifically Article 5(3) – requires prior informed consent for storage for access to information stored on a user's terminal equipment. In other words, you must ask users if they agree to most cookies and similar technologies (e.g. web beacons, Flash cookies, etc.) before the site starts to use them.
For consent to be valid, it must be informed, specific, freely given and must constitute a real indication of the individual's wishes.
In this context this class lives.
It simply alters the default document.cookie
behavior to disallow cookies to be written on the client side, until the user accept the agreement.
If you want to use it as wordpress plugin then skip the Client side and the Server side sections
Download the script file EUCookieLaw.js
Add this code in your HTML head
section (better if before all others JavaScripts)
<script src="EUCookieLaw.js"></script>
<script>
new EUCookieLaw({
message: 'In base ad una direttiva europea sulla privacy e la protezione dei dati personali, è necessario il tuo consenso prima di conservare i cookie nel tuo browser. Me lo consenti?'
});
</script>
If the user accepts the agreement then EUCookieLaw will store a cookie for itself (to remember that the user accepted the agreement) named __eucookielaw
with true
as value,
that lives during the current session.
the EUCookieLaw
initialization expect an Object with the following properties:
message
is the message used by the default confirmation dialog. In the case ofshowBanner
, themessage
can be an HTML content.showAgreement
is the callback method that will show the dialog with the user agreement about the cookie usage. If you use a synchronous mode to show a dialog (eg.confirm
method) theshowAgreement
must returntrue
if the user have accepted the agreement, in all other cases (user rejected the agreement or in asynchronous mode) it must returnfalse
.showBanner
(boolean
)if you want to show a banner at the top of your page you need to set tis option totrue
.bannerTitle
(only ifshowBanner
istrue
) the banner titleagreeLabel
(only ifshowBanner
istrue
) the agree button label. Default isI agree
disagreeLabel
(only ifshowBanner
istrue
) the disagreement button label. Default is an empty string. If not given the disagree button will not be shown.reload
iftrue
the page will be refreshed after the user accepts the agreement. This is useful is used in conjunction with the server side part.tag
(only ifshowBanner
istrue
) if defined the script will use it as predefined tag for title content of the banner.fixOn
it defines if the banner is fixed on top or bottom, default value, if not defined or empty, istop
. Allowed values aretop
orbottom
.agreeOnScroll
iftrue
, when the user will scroll the page, then the agreement is implicitly accepted. The default value isfalse
.
Note: ifagreeOnScroll
is setted totrue
, thereload
option has no effect.
Once UECookieLaw
is initialized, you can access some useful methods in your JavaScript:
enableCookies
enables the site to store cookiesreject
reject the cookies agreementisRejected
if the user have rejected the request to store cookieisCookieEnabled
if the site can store cookies
Synchronous mode (see demo):
<script src="EUCookieLaw.js"></script>
<script>
function myCustomAgreement(){
if(!eu.isRejected()) {
if (confirm('do you agree?')) {
return true;
}
eu.reject();
}
return false;
}
new EUCookieLaw({
showAgreement: myCustomAgreement
});
</script>
Asynchronous mode (see demo):
<script src="EUCookieLaw.js"></script>
<script>
function showDialog(){
/*
* Your custom dialog activator goes here
*/
}
function myCustomAgreement(){
/* show some HTML-made dialog box */
showDialog();
return false;
}
new EUCookieLaw({
showAgreement: myCustomAgreement
});
</script>
With agreement banner (see demo):
<script src="EUCookieLaw.js"></script>
<script>
new EUCookieLaw({
message: "La legge prevede l'autorizzazione all'utilizzo dei cookie. Me la vuoi dare per favore?",
showBanner: true,
bannerTitle: 'Autorizzazione alla conservazione dei cookie',
agreeLabel: 'Do il mio consenso',
disagreeLabel: 'Nego il consenso',
tag: 'h1'
});
</script>
The server-side script intercept the output buffer and will remove the sent cookies when user has not yet approved the agreement.
Then you should include the file eucookielaw-header.php
as the first operation on your server.
This will ensure you that any of your script or CMS like Wordpress, Drupal, Joomla or whatever you are using, is able to
write a cookie if the user doesn't given his consensus.
// This must be the first line of code of your main, always called, file.
require_once 'eucookielaw-header.php';
However if the server already detected that the user agreed the cookie law agreement the script does not override the built-in function.
Further if you want to block some javascript elements you can do it by adding a data-eucookielaw="block"
attribute to the script
elements.
If you want to block specific domains you can define in your script (before including eucookielaw-header.php
) two constants:
EUCOOKIELAW_DISALLOWED_DOMAINS
a semicolon (;
) separated list of URLs disallowed since the user does not accept the agreement.
Each space before and/or after each URL will be removed.
Note: if the domain start by a dot (eg..google.com
) then all the related subdomains will be included in the temporary blacklist.EUCOOKIELAW_LOOK_IN_TAGS
a pipe (|
) separated list of tags where to search for the domains to block.
If not specified, the deafault tags areiframe
.script
,link
.EUCOOKIELAW_LOOK_IN_SCRIPTS
a boolean value, iftrue
the URLs defined inEUCOOKIELAW_DISALLOWED_DOMAINS
will be searched in the<script>...</script>
tags too.EUCOOKIELAW_DEBUG
a boolean value, iftrue
the HTML output will report before each replacement the rule applied and at the beginning of the file it will show all the applied rules.
Important do not keep it enabled on production environment.
Just download the zip and install it in your WordPress. The plugin actually supports translation in both Italian (by translation file) and English (default).
The plugin is compliant (also read as has been tested) with WP Super Cache plugin to serve the right contents when the user has not yet approved the agreement.
I've implemented the custom text-domain files ( EUCookieLawCustom-it_IT.po
/ EUCookieLawCustom-it_IT.po
).
Remember that to get custom translations properly work, you need to move the EUCookieLawCustom
directory at the plugins
directory level.
To be more clear the custom directory will be: wp-content/plugins/EUCookieLawCustom
Then take the file default and you have to put 4 strings in your translation file:
Banner title
Banner description
I agree
I disagree
Remember to put the above text in the plugin settings page (default behavior) and to produce the translation files
(starting from the default.po
located in the EUCookieLawCustom
directory).
You can see a production example on my personal WebSite.
To ensure your site is law compliant, you should have a page where you describe to your user which are the third-party cookies, which is their purpose and how to disable them. And yes! Don't forget to put the link in the banner!
The structure of generated banner (with the default heading tag settings) is the following:
<div class="eucookielaw-banner fixedon-top" id="eucookielaw-135">
<div class="well">
<h1 class="banner-title">The banner title</h1>
<p class="banner-message">The banner message</p>
<p class="banner-agreement-buttons text-right">
<a class="disagree-button btn btn-danger" onclick="(new EUCookieLaw()).reject();">Disagree</a>
<a class="agree-button btn btn-primary" onclick="(new EUCookieLaw()).enableCookies();">Agree</a>
</p>
</div>
</div>
.eucookielaw-banner
is the banner container it will have a randomid
attribute name that starts always witheucookielaw-
and then followed by a number between0
and200
..well
is the inner containerh1.banner-title
is the banner titlep.banner-message
is the banner html messagep.banner-agreement-buttons.text-right
is the buttons container for the agree/disagree buttonsa.disagree-button
is the disagree button it implements the CSS classesbtn
andbtn-danger
a.disagree-button
is the agree button it implements the CSS classesbtn
andbtn-primary
You can make your own CSS to build a custom aspect for the banner. However, if you prefer, you can start from the bundled CSS.
NOTE: If you are using the script as WordPress plugin, the custom CSS must be located in the directory wp-content/plugins/EUCookieLawCustom/
and must be named eucookielaw.css
. Then it will be read in conjunction with the default plugin CSS.
I'd like to translate this plugin in all european languages, but I'm limited to the Italian and English too.
If you want to get involved in this plugin development, then fork the repository, translate in your language and make a pull request!
If you find this script useful, and since I've noticed that nobody did this script before of me, I'd like to receive a donation. :)
- BUGFIX: fixed the javascript that has wrong characters in the script
- NEW: when you specify a domain starting with a dot (eg.
.google.com
) all the subdomains are valid (eg.www.google.com
andsub.domain.google.com
) - NEW: Improved the banner loading (loaded before the DOM Event
load
) - NEW: Optional implicit user agree on page scrolling (Issue #4).
- NEW: Debugging options
- NEW: You can fix the banner on top or bottom of the page.
- NEW: The custom CSS (from
EUCookieLawCustom
) will be loaded in conjunction with the default CSS. - BUGFIX: removed the
<![CDATA[ ... ]]>
envelop on script replacement due to some browser incompatibility. - BUGFIX: Custom translations was never read
- updated translation files
- updated documentation
- updated the version number
- BUGFIX: the default text for disagree button when not given was
Disagree
instead it should be empty. - BUGFIX: whatever is the name of the plugin directory the directory for the customizations (translations and CSS) must be
/wp-content/plugins/EUCookieLawCustom/
. - updated documentation
- updated the version number
- Updated the eucookielaw-header.php,
- NEW: now the disallowed domains trims the spaces on each domain. It means that is allowed to write
domain1.com ; domain2.com
and they will be correctly interpreted asdomain1.com
anddomain2.com
- NEW: now the disallowed domains trims the spaces on each domain. It means that is allowed to write
- NEW: If not defined the disagee label text then the button is not shown. Useful for informative non-restrictive cookie policy.
- BUGFIX: the cookie
__eucookielaw
setted by javascript is defined at root domain level. - updated documentation
- updated the version number
- Updated the eucookielaw-header.php,
- NEW: now the search of url is performed in
<script>...</script>
tags too. - BUGFIX: some translations strings were broken.
- NEW: now the search of url is performed in
- updated translation files
- updated documentation
- updated the version number
This update introduces several improvements, features and bugfixes. For a detailed information about the new release see: Issue #1
- updated the eucookielaw-header.php,
- NEW: now it blocks script tags with
data-eucookielaw="block"
attribute - NEW: now is possible to define a blacklist of domains to block before the user consent the agreement
- NEW: the blacklist is related to a set of tags (by default the plugin will scan
iframe
,link
andscript
tags
- NEW: now it blocks script tags with
- NEW:: managed title tag, blocked domains and tags to scan
- NEW: if the plugin WP Super Cache is installed then the plugin will clear the cache until the user has not approved the agreeement to ensure to show always the right contents
- NEW:: if there is a CSS file named
eucookielaw.css
in the custom directorywp-content/plugins/EUCookieLawCustom/
the it will be appliead in place of the default one. - BUGFIX: unescaped post data before saving the admin settings
- updated the version number
- updated translation strings
- updated documentation
- First release
Several sites are using EUCookieLaw as WordPress plugin (actually there are more than 100 installs). If you want to let users know your experience in using EUCookieLaw, there is a Facebook page where you can share your thoughts and experience. Note: To add your site fork this repository, add your site and make a pull request... or simply send me a message. :)