New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
'requireConsent' has not effect on cookie setting #13246
Comments
I can confirm this is still happening in version 3.13.5. |
Maybe there is another way to make sure Matomo tracking code is loaded only after consent is given? For instance, I tried to add the tracking code dynamically using JS, instead of hard-coding it into the HTML; but tracking wouldn't work this way for some reason.. |
Any chance to get this fixed... after 2 years? With this matomo isn't really GDPR ready |
I tried an external consent Wordpress plugin called "GDPR Cookie Consence". This is placing the matomo code first if the user set the opt-in. No cookies will be set. After rejecting the opt-in the cookies will be deleted... Great, but... if the user set's the opt-in the matomo code will be placed and the cookis set. This is I think through a page reload. At the End I have 1 visit and 2 page views in matomo instead of 1 visit and 1 page view. :-( |
@Sven74Muc we might have a look into this in a few months. |
I have moved this into 4.1.0 just so it doesn't get lost (as I think this would be really useful for being compliant with future privacy changes). If someone else wants to contribute this feature, it would be possible to get it earlier. |
Think it is not only useful for being compliant with future private chances... it's needed today to be compliant. |
If this is solved only in a few month (after two yearf of no change) I need to delete all matomo installations and have a look for another system. |
btw this refs #13056 I guess requireCookies would be calling disableCookies and then setConsentGiven would enableCookies (unless the user called |
No, cookies are not allowed to set before consent is given (opt-in). Calling disabledCookies is not GDPR conform. There will be much court rulings in the future. The other thing is trust.. Do you think a visitor trust that a disabled cookie is realy disabled? If a cookie is there it is there and you cant't controll what it is doing. The fact that it is there generates question, doesn't matter what law is saying. |
It's only how it would work internally. The user etc won't notice any of this. |
So I maybe missunderstood you. As long as before the opt-in no cookies are set in the browser of the user it is fine. |
How can we get this to 4.0.0 ?? |
The guaranteed way is by someone creating a Pull Request which contributes this change. |
Hmmm... this means I need to develope it? I'm not a programmer :-( |
FYI I'll look into this in the next days and we're planning to have this in the next 3.X release |
Apologies this took so long! I can totally understand any frustration. We'll do our best so this won't happen again. I've worked on this and if anyone is familiar with patching files on a server then you could try to update your |
Fixed by #16173 |
Good day,
due to our goal to achieve GDPR compliance, we're trying to implement an opt-in procedure using a commercial cookie-plugin called "Borlabs Cookie" with our WordPress-Network.
We embedded Matomo with the following code/attributes:
Tracking works fine, but Matomo creates _pk_id and _pk_ses at every session's start, also if we don't set
<script type="text/javascript"> _paq.push(['setConsentGiven']); </script>
at the bottom of the page, using our plugin.'rememberConsentGiven' is no option, since we want to use our WordPress plugin to handle opt-in/opt-out.
The support-pages weren't helpful as this doesn't seem to be the expected behaviour of "requireConsent". Could you please give me some advice on how to solve this problem?
Thank you!
The text was updated successfully, but these errors were encountered: