如何以通用方式禁用 cookie 直到用户接受 cookie [英] How to disable cookies in a generic way till cookies are accepted by user
问题描述
有没有一种奇特的方法可以禁用 cookie,直到用户接受它们?
Is there a fancy way to disable cookies untill the user accepts them?
以下问题:我有一个使用大量 cookie 的网上商店,为了符合 GDPR,我们需要禁用"cookie,直到用户接受它们.我不想重写整个商店系统,因此我正在寻找通用的解决方案.
Following Problem: I have a webshop which uses quite a lot cookies and in order to be GDPR conform we need to "disable" cookies untill the user has accepted them. I do not want to rewrite the whole shop system and therefore I am searching for a generic solution.
我的方法是:
- 取消设置我们服务器发送的所有
set-cookie标头(通过 nginx 或 php)
- unset all
set-cookieheaders sent by our server (via nginx or php)
但仍然存在一些问题:
- 如何在不完全删除 cookie 的情况下阻止外部网站设置 cookie(bing、google、fb 等)
- 如何在不修改所有 javascript 源的情况下防止 javascript 设置 cookie(是否可以覆盖浏览器功能,以便您无法通过 JS 设置 cookie)
- how can I prevent external sites from setting cookies without completely removing them (bing, google, fb, ..)
- how can I prevent javascript from setting cookies without modifying all javascript sources (is it possible to override the browser functions so you can't set cookies via JS)
推荐答案
如果您关注 GDPR 合规性,仅删除 cookie 是不够的.您需要禁用任何收集个人身份信息 (PII) 的跟踪脚本.
If GDPR compliance is your concern, just removing cookies won't be enough. You need to disable any tracking scripts collecting personally identifiable information (PII).
我建议将所有跟踪脚本移至 Google 标签管理器,并使用 Simo Ahava 概述的方法.指南 1 和 指南 2.他的方法不适用于跟踪非 Google 的标签,但使用自定义触发器您可以阻止任何事情.
I recommend moving all tracking scripts to Google Tag Manger, and using the methods outlined by Simo Ahava. Guide 1 and Guide 2. His methods don't work great for tracking tags that aren't Google, but with a custom trigger you can stop anything.
话虽如此,如果您只想删除 cookie,应该这样做.
That being said, if you do just want to remove cookies, this should do it.
function deleteCookies() {
var theCookies = document.cookie.split(';');
for (var i = 0 ; i < theCookies.length; i++) {
document.cookie = theCookies[i].split('=')[0] + '=; path=/; expires=Thu, 01 Jan 1970 00:00:01 GMT;';
}
}
这篇关于如何以通用方式禁用 cookie 直到用户接受 cookie的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
