GTM Data Layer Names containing spaces cause syntax errors

  • Resolved Tom J Nowell

    (@tjnowell)


    4 months, 2 weeks ago

    In src/view/frontend/scripts/google-consent-mode-js.php this code is used to print out the GTM script:

    ?>
    <script<?php echo ! $consent_attribute ? '' : ' data-cookieconsent="' . esc_attr( $consent_attribute ) . '"'; ?>>
    	window.<?php echo esc_js( $data_layer ); ?> = window.<?php echo esc_js( $data_layer ); ?> || [];
    	function gtag() {
    		<?php echo esc_js( $data_layer ); ?>.push(arguments);
    	}
    	gtag("consent", "default", {

    However if $data_layer contains spaces those are not removed by esc_js and make it through causing a syntax error, e.g.:

    <!DOCTYPE html>
    <html lang="en-US">
    <head>
    	<meta charset="UTF-8" />
    	<script data-cookieconsent="ignore">
    	window.test data layer = window.test data layer || [];
    	function gtag() {
    		test data layer.push(arguments);
    	}

    Instead of using esc_js it would be safer to do something like this beforehand:

    	$data_layer = preg_replace( '/[^a-z0-9_]/i', '', $data_layer );
    • This topic was modified 4 months, 2 weeks ago by Tom J Nowell.
Viewing 2 replies - 1 through 2 (of 2 total)
  • Thread Starter Tom J Nowell

    (@tjnowell)

    Noting I’ve searched for a Github repo to make a PR against for this fix but haven’t found anything

    Plugin Support hannausercentrics

    (@hannausercentrics)

    Hi @tjnowell ,
    Thank you for your suggestion and for taking the time to look into this!
    We apologize for the delayed response.

    Feel free to request PRs on our GitHub repository: https://github.com/CybotAS/CookiebotWP
    We’ve also passed your feedback along to our development team for their consideration.

    We truly appreciate your contribution and your patience!

Viewing 2 replies - 1 through 2 (of 2 total)
  • You must be logged in to reply to this topic.