Disable JavaScript isn't completely working (to prevent cookies before consent)

Open on Drupal.org →

Created on 30 September 2022, about 2 years ago

Updated 22 October 2023, about 1 year ago

Problem/Motivation

I'm using DisableJavaScript feature to prevent cookies before consent (to be compliant with the GDPR). It worked well for GoogleTagManager both in the case of Opt-in or Opt-in with categories, but all other javascripts are not blocked. I noticed that tag manager is the only one which is reachable as a web page and the others are all .js files (don't know if this could mean something). Did I miss to configure something on the module or it could be related to the javascripts?

Steps to reproduce

I used the complete url paths in the box Diable JavaScripts. For example:
https://www.googletagmanager.com/gtag/js -> Is disabled before consent
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m2022092... -> Is Not Disabled

Proposed resolution

Remaining tasks

User interface changes

API changes

Data model changes

🐛 Bug report

Status

Postponed: needs info

Version

1.23

Component

Code

Created by

Live updates comments and jobs are added and updated live.

GoogleAdsense

cookies

JavaScript

Incomplete comments

Sign in to follow issues

Comments & Activities

Not all content is available!

It's likely this issue predates Contrib.social: some issue and comment data are missing.

Comment over 1 year ago →
🇩🇪Germany kle
I found a bug in eu_cookie_compliance_page_attachments() [Version 8.x-1.24]

In line 295 you prepend a relative path with '/' and compare this with the user-given paths:

if (strpos($src, 'http') !== 0 && strpos($src, '//') !== 0) { $src = '/' . $src; } if (in_array($src, $disabled_javascripts)) { $variables['#attached']['html_head'][$index][0]['#access'] = FALSE; }
But $form['javascripts']['disabled_javascripts']['#description'] says "should be written as root relative paths without the leading slash" - so this never works for relative paths - or am I wrong ?
Status changed to Postponed: needs info about 1 year ago6:15pm 22 October 2023
Comment about 1 year ago →
🇳🇴Norway svenryen
@kle,

I'm not sure I follow. From what I recall, $is_script and $is_src refers to two different script types, and won't be present together.

That slash has been prepended since 2020, and is working properly on my installs and apparently for 50000 users of the module. Do you have an example here? Could you make a custom module to demonstrate what you think is wrong, and upload that one to the issue ans a zip package?

contrib.social Blog FAQ Discussions

Production build 0.71.5 2024