Description:

This PR adds a new 'challenge' to the 'Become a Matomo Expert' widget which is part of the Tour plugin. It will check for popular consent managers installed on the currently selected site and if detected will show a link to an FAQ showing how to integrate them with Matomo. Additionally it will check to see if the integration code is present on the website and if so automatically mark the challenge as complete.

A bit more detail:

When the Challenge object is constructed it will perform a simple cURL request to grab the current site main URL into a string and then check this against a known list of consent manager identifiers.

There are three possible outcomes:

• No consent manager is detected on the website - if this happens the challenge constructor will use the new Challenge::isDisabled() method to disable itself and it will not be shown on the widget.
• A consent manager is detected, but no integration code was detected - the challenge will be shown on the widget as uncompleted.
• A consent manager is detected and the integration code is detected - the challenge will be shown on the widget as completed.

The known consent managers are stored in a assoc array with detection strings and the URL for the guide, this can easily be extended in the future to cover more consent managers.

Currently supported: Osano, Cookiebot, CookieYes, Tarte au Citron, Klaro and Complianz GDPR for WordPress.

The linked guides are not public yet, but the included URLs will point to the correct location when they published.

One issue to consider is that this will cause a page load hit to the tracked website every time the widget is loaded. We could possibly soften this by adding a 'last checked' timestamp somewhere to ensure that we never check more frequently than say every 5 minutes. Another tweak could be to set the last checked timestamp a week(?) into the future if either no consent manager is detected or the consent manager is detected and is connected. Additionally we might want the cURL page load to use a user agent that avoids tracking or at least identifies as a robot of some sort.

Thoughts on this much appreciated!

Ref: DEV-3004

Review

• Functional review done
• Potential edge cases thought about (behavior of the code with strange input, with strange internal state or possible interactions with other Matomo subsystems)
• Usability review done (is anything maybe unclear or think about anything that would cause people to reach out to support)
• Security review done
• Wording review done
• Code review done
• Tests were added if useful/possible
• Reviewed for breaking changes
• Developer changelog updated if needed
• Documentation added if needed
• Existing documentation updated if needed