AMP page places cookie before consent

  • Resolved miniwi

    (@miniwi)


    3 years, 8 months ago

    Hi there,

    we used your plugin to comply with EU GDPR. Testing with several cookie analytics websites, it seemed ok. But the German administration tested the page with ghostly and claims now, that the AMP Project places a URL outside the domain (cdn.ampproject.org) before consent is given by the user.

    Could you give us a hint where we didn’t setup the tool correctly?

    COMPLIANZ setup shows 100% green but if we cannot fix the issue, the administration will not accept the page as GDPR complaint.

    M.

    The page I need help with: [log in to see the link]

Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Contributor Aert Hulsebos

    (@aahulsebos)

    Hi @miniwi,

    Could you post a specific AMP page so I can debug correctly?

    regards Aert

    Thread Starter miniwi

    (@miniwi)

    Dear Aert,

    thanks for the offer of an individual analysis.
    Our administration (for GDPR) analyses our page with ghost tool and complains that the page starts tracking / cookies before any consent given.

    Desktop home:
    https://www.mba-journal.de/
    Ghost reports 1 tracker: cdn.amproject.org

    AMP Page:
    https://www.mba-journal.de/ft-online-mba-von-warwick-erneut-auf-platz-1/amp/
    1. tracker reported: Gravatar

    Desktop posts:
    https://www.mba-journal.de/ft-online-mba-von-warwick-erneut-auf-platz-1/
    Three tracker reported
    1) Facebook Social Graph
    https://graph.facebook.com/?callback=WPCOMSharing.update_facebook_count&ids=https%3A%2F%2Fwww.mba-journal.de%2Fft-online-mba-von-warwick-erneut-auf-platz-1%2F
    2) Jetpack https://pixel.wp.com/g.gif?v=wpcom-no-pv&x_sharing-count-request=facebook&r=0.9635216635600221
    3) AMP cdn.ampproject.org

    I tried to reinstall compliance and included the services above. It reports 100% green and thus, I was of the opinion to offer a compliant page.

    I need to repair the problem until April 7th before the department enforces fees.

    Any help welcome!

    M.

    Plugin Contributor jarnovos

    (@jarnovos)

    Hello @miniwi,
    The site runs fine on desktop and AMP, as Complianz is active here as well. However, what is essentially happening is that you “send” your page to Google so that they can serve the page, hence why the CDN is needed.

    To circumvent privacy-risks with Gravatar you can decide to locally host it, which we explain here: https://complianz.io/privacy-friendly-images-from-gravatar/.

    As for Jetpack / FB Social Graph, can you verify that you have the Jetpack integration enabled under Complianz > Integrations > Plugins?

    Kind regards,
    Jarno

    Thread Starter miniwi

    (@miniwi)

    Hi there,

    thank you for the response. Yes under
    Complianz > Integrations > Plugins
    there are
    AMP (official AMP plugin for WordPress)
    Jetpack

    listed. While AMP is connected an the second button (Wildcard) reports N/A after Jetpack, both buttons are active.

    You explain I “send” the page to Google. In fact I installed the AMP plugin since this was mentioned as compatible with compliant – without selecting any feature to send the page to google. As mentioned in https://complianz.io/amp-integrated-with-complianz/ I activated reading mode only. Is there any help or post that explains how to avoid “sending” the page to google? I couldn’t find this at complaint.io.
    In the meanwhile I removed w3total cache and other plugins but the tracker: can.ampproject.org stays.

    Hope for a tip,

    M.

    Plugin Contributor jarnovos

    (@jarnovos)

    Hello @miniwi,

    This CDN from amppproject.org allows your AMP page to be cached/pre-loaded, which should benefit the performance of your website. This article from the amp.dev Documentation explains it better than I can: https://amp.dev/documentation/guides-and-tutorials/learn/amp-caches-and-cors/how_amp_pages_are_cached/

    In short: this CDN cannot be disabled as this is essential to the way in which AMP functions.

    Kind regards,
    Jarno

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘AMP page places cookie before consent’ is closed to new replies.