Cookies being set by scripts from third party domains

Created on 29 August 2023, over 1 year ago
Updated 22 October 2023, about 1 year ago

In the documentation I read what follows.

When consent isn't given, the module will attempt to remove any cookie that is set at the web site domain (unfortunately, we can't remove cookies being set by scripts from third party domains).

Whitin the head part of the page I have the code I report below.

<script type="text/javascript">
<!--
(
 function(d, s, id) {
          var js, fjs = d.getElementsByTagName(s)[0];
          if (d.getElementById(id)) return;
          js = d.createElement(s); js.id = id;
          js.src = "//connect.facebook.net/it_IT/all.js#xfbml=1";
          fjs.parentNode.insertBefore(js, fjs);
        }(document, 'script', 'facebook-jssdk')
);
-->
</script>

This code is responsible for setting an iframe that loads a Facebook page feed. As a result of this operation I see several cookies related to Facebook are set in Mozilla Firefox. In Chrome and in Chromium Browser this does not happen, but I see some error in the console that seems to me related to that third party code - perhaps that is the reason for the missing cookies?

I'm concerned because I don't know how to deal with those third party cookies at least in Firefox.
I created a category just for this kind of cookies, but what roles this category may really have? Of course it gives me something that can be unchecked when the GDPR banner and its choices appear. But how can I use it to prevent the loading of that third party code in case the users doesn't want third party cookies? Of course, if that code does not run, no Facebook feed can be showed and I wonder how can I make an explanation show up in the empty space of the case.

Would you please help me?

Thanks in advance!

Andrea

💬 Support request
Status

Postponed: needs info

Version

1.24

Component

Code

Created by

🇮🇹Italy AppLEaDaY

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

  • Issue created by @AppLEaDaY
  • 🇮🇳India Mahima_Mathur23

    Hi AppLEDaY,

    Below is how I resolved third party cookie creation. Here is what you can try:

    Make the categories available in your script: I chose to make a cookie, you can choose whatever you feel like according to your options.

    Then make changes in the script to only create the cookie when the specific category is selected i.e. add an if condition that checks if your setup cookie contain that category or not and also add an else part to remove that cookie when the category is removed if you are giving access to the user to play with the categories again and again.

    Hope this helps!
    Mahima

  • Status changed to Needs review over 1 year ago
  • Status changed to Active about 1 year ago
  • 🇳🇴Norway svenryen

    Hi @AppLEaDaY!

    Do you have a staging site where we can inspect your setup? It's hard to give advise since different cookies and scripts needs different handling.

    As a general rule of thumb, if you need to prevent cookies from a third party, you should enclose your script with something like the code below, then it won't involve the third parties unless the user has given consent.

    Drupal.eu_cookie_compliance.hasAgreed('category_name') { ... }

    It's also possible to let code run directly after the user has agreed and without requiring a refresh.

    I'm setting this back to Active since there was no patch to review.

  • Status changed to Postponed: needs info about 1 year ago
Production build 0.71.5 2024