22849 Posts in 9654 Topics by 2803 members
Page: 1 2
|Go to End|
15 July 2012 at 10:47pm
I realise this is an older post, but since the cookie law has now been installed in the Netherlands as well and requires a very strict opr-in policy, i was wondering how you all are complying..
It looks like, since last year, a couple of companies have created online services/plugins to make things a easier, like these guys, http://silktide.com/cookieconsent
I'm not sure how and if this could successfully be implemented on Silverstripe, as not every cookie silverstripe core and modules set can safely be considered 'essential'... But as this involves the whole of Europe - would it be a good idea to add some extra cookie management to the (core) cookie/session objects?
Maybe a second optional param as in Session::set('key', 'value', 'essential') or Session::set('key','value', 'analytics') or Cookie::set(... And a way to hook into that?
I'd be very interested in your opions and experiences,
16 July 2012 at 7:32pm
You may want to talk to the Better Brief guys, for the hackathon they did some work on Cookies to make it easier to put in your own custom cookies (https://github.com/silverstripe/sapphire/pull/595). I assume they may release something as a module or recipe for EU compatibility.
16 July 2012 at 7:36pm Last edited: 16 July 2012 7:40pm
I have another non SS site where the site owner wanted implied permission to be used from the very first page load, as other large sites (mainly newspapers and broadcasters were doing a similar thing), effectively an opt-out, but without having to mess around with browser settings.
In SS, I am doing the checks etc. in the onBeforeInit method of an extension applied to the ContentController. In the onAfterInit, if cookies are not allowed, then the PastMember cookie (which is set in the Controller init method if the user is logged in and a past member), is overwritten with one that is expired so would be removed from the browser, if required.
If cookies are explicitly denied, then any GA cookies are also removed. The only cookies remaining essential to the site are the site session cookie (which if it wasn't essential before, is now to track the visitor's cookie choices in order to implement implied consent), and the cookie containing the visitor's cookie preference.
I am working on turning this into a module - mainly so I can easily apply it to the SS based sites that I work on - so stuff like the PastMember cookie could be an option, as is the use of implied consent.
So far, the PastMember cookie is the only one that needs to be caught if you are not going to alter the core. For "remember me" functionality, that can be presented, or not, based on cookie preferences by overriding the MemberLoginForm and disabling the option from being presented.
16 July 2012 at 11:09pm
Thanks Will, I'll have a look at the module.
And thanks, Jason, for your extensive reply.
As for using the implied consent approach, as far as we understand it now, we cannot use that in the Netherlands It looks like our cookie law is one of the more strict in Europe, but still that doesn't necessarily make it any clearer...
Also it seems that over 90% of all webowners are still waiting for the competition to go first. I've read just yesterday that the OPTA has a job opening ready for a stagiair(!) to build an automated checking system (later they apparently stated he's not going to do it all by himself). Still we need to have something prepaired that is easy to implement, I guess.
So I'm interested in your module as well. Are you planning on supporting opt-in as well?
18 July 2012 at 3:51am
Opt in (without implied consent) is the approach that I originally took - obviously the downside is completely blank analytics as people either explicitly deny cookies, or more likely, they just ignore the cookie information (same result).
In the module the use of implied consent is intended to be optional. If I ever get to the point of releasing the module, I'll let you know. Hopefully I'll get some time to tidy it up soon. I guess it would also need to be translatable.
25 July 2012 at 3:11am Last edited: 25 July 2012 3:11am
We have released a customisable 'Cookiebar' module to add a cookie bar at the top of the page which you can get here:
You can see it in action on our site (the image/text/Links are all CMS controlled): http://www.aabweb.co.uk
Any comments/suggestions let me know.
12 October 2012 at 12:17am
Aram, nice module. Are we free to use your plug-in and content of the description page for a commercial website?
Is it sufficient for a website in the Netherlands?
23 April 2013 at 12:22am
I've tried to use the module but failed.
If you can help please read this thread:
Also, is the Cookie-bar module available from https://packagist.org/ for composer installation?
Page: 1 2
|Go to Top|