consent_support
5 sites
Security covered
Synopsis
This module is a 'spin-off' from CookiePro Plus to support content blocking in a way that requires as minimal impact and/or effort for content editors.
The initial goal of this module was twofold:
- Making the solution as less intrusive and foolproof as possible for content editors.
- Replacing blocked content with a 'no-consent message', or adding in case of scripts, which also contains link to open the CookiePro preferences center.
As CookiePro defines ways on how to handle iframes and scripts that are part of the content and cannot be handled by their Auto-Blocking™ mechanism. This these solutions are implemented in a generic way, which can be expanded upon to handle specific entity types or fields.
Features
Overtime, the module expanded with additions like:
- 'No-consent messages' using templates.
- A few submodules to cover common use cases.
- In case of entities to be processed (Media, Paragraphs):
- Default processing behavior is stored on the entity type.
- Override at entity level is possible.
- Permissions are present to allow or deny override at entity level to the desired User roles.
- Consent Context (config): affects template suggestions for the 'no-consent message' template. Which Consent Context is applied depends on the case.
In case of entities, it can be configured and overriden at entity level. - Provider (config): Similar to oEmbed providers, to tie provider domain(s) to a cookie category using regex. This is used to enforce the proper consent category during processing.
- Plugin based system to add support for any Entity type.
- Processor service to the actual work.
- Processing takes IP-bypass and pause modus of CookiePro Plus into account.
The included submodules currently cover support for:
- Block Content aka Custom Block (Drupal core)
- Media (Drupal core)
- Paragraphs
- URL Embed (Drupal 9 only until Drupal 10 compatibility is fixed.
- Video Embed Field
See the main module README for all details and how to extend for your own use-cases.
Consent Contex and Provider management
Consent Support config on Media type and Media entity
Consent Support config on Paragraph type, Paragraph entity and Video Embed Field (no config)
'No-consent message' display and unblocking
- The YouTube video in the Video Embed field has been forced to category 'targeting' due to the Provider 'YouTube', and Consent Context 'video' (hard-coded).
- The script part of Tweet embed code has also been forced to category 'targeting' because 'Force category by provider' is enabled at the Paragraph type in combination with the Provider 'Twitter', even though the configuration in the Paragraph is set to 'social media'.
The Consent Context 'Script' has been set and applied, providing a 'no-consent message' with different text and icon.
- Upon saving consent for the 'targeting' category in the CookiePro preferences center, the iframe's original source is restored and the Twitter script executed.
- Each consent category can be separately accepted and its content unblocked.
Requirements
Currently, the module requires:
Roadmap
- As many cookie banner/consent tools use similar approaches to 'unblock' iframes and scripts, the goal for version 2 is to reverse dependencies with CookiePro Plus and define a 'processing' plugin for cookie banner/consent tools modules to implement.
Similar projects and how they are different
- Cookie Content Blocker: Different approach on how to (configure) content blocking and how to expose this to editor, with different cookie banner in mind.