Tracking cookies are small and usually completely harmless files that are created within a web browser and can be used to store data. Typical uses of cookies can include remembering what items somebody has added to a shopping cart, content display preferences, keeping a person logged-into a secure part of a website, passing keywords to a search page, recording contact form inputs between sessions or multilingual language selections (using a stack like RWML). Although sometimes frowned upon, the truth is that the modern internet would greatly struggle to function without the help of cookies. It is almost impossible to build any website that does not make use of cookies somewhere.

Some stacks exist already that can display warning messages about tracking cookies. But they are not all necessarily compliant with newer and more stricter privacy laws. The main issue stems from the fact they use client-side Javascript code; so they still allow potentially invasive scripts and other tracking to load in the background. CookieManager instead approaches the problem with a PHP server-side solution. It works by checking the web browser for the presence of a matching tracking cookie; and only then loads particular stacks, scripts or content on a page.

CookieManager can work in two main ways - it can either set / modify tracking cookies with a button press or it can look for existing cookies and conditionally load parts of the webpage accordingly. Therefore you can effortlessly quarantine stacks, content or scripting that a website user has not given their explicit consent to view or to be tracked through. This is a big part of conforming with new privacy legislation.

CookieManager plays really nicely with other stacks, like FloatingContent, Gateway or TopBox. We strongly recommend you use CookieManager with one of these three for creation of your initial popup message. Messages can be localised into any language using RWML. You can choose to style or word your message however you want; to give assurance to site users that you care about their privacy.

Example

Here is an example of three CookieManager stacks. One sets the cookie, another deletes the cookie. A third displays content, based on whether the cookie is set or not. Cookies are valid for 30 days, changeable in the stack settings.
 
No tracking cookie was found in your web browser!
Consent not provided by the website user. Until the 'set cookie' button is clicked above, we do not have consent from the user to use non-essential cookies or make use of scripts or outside services that might potentially take personal information.
 
You may have noticed that this whole website also makes extensive use of CookieManager. The terms page lets a user easily opt-in or opt-out of non essential tracking cookies, which is a legal requirement under EU laws.

Setup

Follow these instructions for getting CookieManager setup on your website:
  1. Once installed into Stacks and RapidWeaver, drag and drop a copy of CookieManager into your webpage
  2. Change the Setup Mode option, depending on whether you want to delete, set, get or modify visitor tracking cookies
  3. Configure options like the cookie name, value and expiration date
  4. If you are using CookieManager to delete, set or modify tracking cookies, you can customise the button shown to website users
  5. Save and publish your changes when done

The idea of the 'get' configuration is to quickly quarantine parts of your webpage that need to remain hidden until a user has given their consent to view or load that area of the page. A prime example would be to hide a Google® Map, until the website user has agreed to receiving data from Google®; and potentially the transmission of their IP address, location or other data back to Google®. This way, the website user has a lot more control over their privacy.

You can safely use multiple copies of CookieManager on the same page. They can all be configured to look for the same opt-in tracking cookie, which could be created using another CookieManager stack, or a stack like FloatingContent, Gateway or TopBox.

CookieManager can be quickly setup as a 'partial' and added to multiple pages of a website. If using CookieManager to conditionally display or hide content in 'get' mode, remember to set your page extension to .php in the Page Inspector and delete older .html pages that may already be published at the same location. This is very important to do and should not be ignored. Changing a page to have a .php extension has zero effect on SEO and pages can continue to be previewed with RapidWeaver.

And don't forget that your RapidWeaver theme also needs to be GDPR compliant too! Themes often make use of fonts or libraries that might be coming from other locations. All the free and paid themes provided through ThemeFlood will be using 'local' versions of jQuery and other files before the 25th May 2018 GDPR deadline takes effect. The Stacks plugin can be configured to use local versions of jQuery and Font Awesome icons, in your plugin preferences. Using local versions of all these libraries can help simplify compliance.

Using CookieManager in combination with FloatingContent, Gateway or TopBox

A video demonstrating how to use Gateway and CookieManager together was published here on YouTube. All three of these stacks are perfect to use for creating attractive and accessible popup messages; which can be used to alert website users to the use of tracking cookies or third-party services where personal data (like MAC or IP addresses) may be shared. Under EU laws (like GDPR) website users need to give explicit consent before non-essential tracking cookies are set or page elements with dependency on outside services (like analytics and mapping) are loaded. There are significant legal implications for websites that flout these laws. CookieManager and the aforementioned stacks can help you comply with these laws.

In essence, you will want to add a copy of FloatingContent, Gateway or TopBox to your webpage. Use these stacks to display your personalised message about cookie tracking or your privacy policy. Switch on support for cookie tracking in these stacks; so that when the stack is dismissed (closed) you know the website user has given their consent.

Then it is simply a matter of matching-up the same cookie names and values in CookieManager. For example if you gave a Gateway stack a cookie name of cookies_allowed, then you can reuse this cookie ID in CookieManager. Place code or content (like analytics, web video, maps, web fonts and other elements that transmit data) within the 'true' area of CookieManager. These will only be loaded if the user has granted their explicit consent. The whole setup can be tested in RapidWeaver 7 and above, before you publish your website. Cookies can be viewed and deleted from within the browser developer console.
 

Contribute

If you find this stack element useful in your personal or commercial web projects; please consider making a small contribution towards ongoing support and updates. There are many different ways you can contribute to the Stacks4Stacks project, and benefits for doing so.
Bookmark or share this page
Baidu 百度
Blogger
Delicious
Digg
Facebook
Google+
LinkedIn
LiveJournal
MySpace
Pocket
Одноклассники
Reddit
Renren 人人网
StumbleUpon
Tumblr
Twitter
ВКонтакте
Weibo 微博
XING
Contact Us
Email This Page
Print This Page
PS: This bookmarking and sharing popup is powered using our brilliant SocialPopup stack!
We use cookies and other services to give you the best possible experience on our website. If you continue without changing settings, we'll assume you are happy with this.