Unrealistic integration
-
It is unrealistic to think website owners will be able to update all the various script tags that WP Core, Themes and Plugins add to our sites.
It is equally unrealistic to think that WordPress Core developers and all Theme and Plugins developers will adjust their code base for a single product (Cookiebot).
This plugin should, and can, do all of that work, fairly easily:
1) Add an admin page that asks for my Cookiebot Domain Group ID and stores it in the site database.
2) Once submitted, you can now connect the dots between the site I registered at cookiebot.com, which you have already scanned, and the site I am adding this plugin to.
3) Once you have that, you can use WP’s built-in
wp_enqueue_scriptfunction to add your script to the site’s pages, like:
wp_enqueue_script( 'cookiebot_script', '//consent.cookiebot.com/uc.js' );4) Then you can use WP’s built-in
script_loader_tagfilter to add theasyncanddata-cbidattributes, like:
add_filter( 'script_loader_tag', 'add_async_and_data_attribute', 10, 2 );
... str_replace( ' src', ' data-cbid="'.plugin_options[cookiebot_id].'" async="async" src', $tag ) ...5) And if you really want to impress, you could use your extensive cookie script database, along with the above
script_loader_tag, to also add the properdata-cookieconsentattribute to each known script tag.This should take a single developer a couple days, or a small team the better part of a day, to knock out.
This would also make Cookiebot leap to the front of their competitors for any WP site owner.
Think about it.
Thanks,
AtgThe page I need help with: [log in to see the link]
-
Hi Aaron,
Thanks for reaching out, and thanks for your input!
If we can’t offer something that is always guaranteed to work, we wont implement it in the Cookiebot plugin.
It is not guaranteed that every plugin or theme is using wp_enqueue_script, therefor, Cookiebot cannot guarantee its users compliance, if we choose to take that path.
We are experiencing a lot of frustration from WP users, which is why we have created a public Github repository, where we are developing “addons/plugins”, which will integrate Cookiebot with various plugins. This is for the community, and as a member of the community, you are welcome to create pull requests for your favorite plugins.
Bare in mind that the Cookiebot plugin itself is giving the users the ability to become compliant, but it is not our responsibility to fix every other plugin so that it works with Cookiebot, nor is it our responsibility to make WP Core compliant. WP Core is actually working on that right now.
The Github repo was created today, and we are ready with our first integration to MonsterInsights. In the near future, we will extend it with integrations to other plugins, so do you have anything on your wish list?
Right now there is no documentation, but all you have to do is add the addon/plugin to your plugins folder and activate it.
Gotta agree with the OP here. Don’t all reputable theme/plugin devs use wp_enqueue_script? It was my understanding that it’s the *proper* WP way.
I’m doing a CookieBot implementation for our company’s WP site now and it’s insane having to figure out how to edit each script tag (and having to figure out what to categorize each, even though you already have them categorized in your admin system.)
Having individual add-ons made for each plugin that have to be installed one by one sounds like an ongoing nightmare for all involved. (Though it would be better than the status quo.) What’s more, if we’ve got cookie-ing scripts enqueued in our custom theme that Cookiebot knows about, those still will always need custom work, whereas the OP’s method could cover all or most of the edits involved in that as well. (Whereas the plugin addon method will never help with custom theme enqueues.)
Don’t all reputable theme/plugin devs use wp_enqueue_script
The short answer is no.
All reputable WP analytics plugins we have seen so far use wp_head or wp_footer to include the script. Few have used wp_enqueue_script to include script files with additional functionality.
It is not possible to add a hook to manipulate wp_head, other than using output buffering, or through the remove_action method, which introduces other problems.
Moreover, your suggested approach is a string comparsion, where we search for javascript files that set cookies on your website. When we find a <script> tag in the wp_enqueue_script pipeline, that contains the javascript file, you propose that we change it so that it works with Cookiebot. What if a WP user has two (or several) plugins that insert a script tag with the same filename, but on different pages? Your proposal would also block the other script from working, even if it isn’t setting cookies. You may think that this is a rare case, but since WordPress runs 30% of the internet, this WILL happen. How will your approach work with inline scripts; those with no src attribute, which we cant filter?
Now you may have various workarounds but unfortunately it isn’t a stable solution at all.
The real solution would be if a users consent state could be signaled to WP Core, and accessed by other plugins through WP Core. Then the plugin developers would not have to create specific support for Cookiebot, but would be working with this framework instead. Hopefully this will come in the future, as WP Core is working hard on making WP GDPR compliant, and we’ll do our best to contribute to this.
That is why we have created a ticket for the WP Core team to add this functionality. Please have patience and stay tuned at https://core.trac.www.ads-software.com/ticket/44043
- The topic ‘Unrealistic integration’ is closed to new replies.
