SSL Labs ScoreSecurityHeaders.io Score

Log in to participate

There is no cost to join RicheyWeb, and membership is a requirement to submit bug reports and participate in the support forums.

× EU e-Privacy Directive needs your help!

A free extension like this survives only by reputation. You can help by submitting a review in the Joomla Extension Directory. Please take the time to make a review by clicking on the link below (opens in a new window)

extensions.joomla.org/write-review/review/add?extension_id=4850

Third Party Cookies not being removed

More
2 months 1 week ago - 2 months 1 week ago #2544 by NickV
NickV created the topic: Third Party Cookies not being removed
Running the latest version or e-Privacy Directive 3.10.13 on a Joomla 3.8.12 site.

The session cookie for the domain is being removed. However third party cookies (YouTube, Vimeo, Issuu and others) are not being removed when required.

I have tried adding the (dot) domain and '/' to Global Configuration > Cookie Settings with no success.

I have added all the third party cookie domains to the advanced tab of the plugin with no success.

What I need to query is whether the ACL steps of the configuration instructions (i.e creating a new user group and a new viewing access level) are NECESSARY for this plugin to successfully remove third party cookies? I have no modules or plugins that I want to block before cookies are accepted but do I still need to do the ACL steps to make third party cookie removal work?

If I DO need to do it is it necessary to set viewing access levels for both 'Cookies accepted' and 'Cookies not accepted'?

Thanks
Last Edit: 2 months 1 week ago by NickV.

Please Log in or Create an account to join the conversation.

More
2 months 6 days ago - 2 months 6 days ago #2548 by NickV
NickV replied the topic: Third Party Cookies not being removed
I have tried the ACL steps and kept them simple and in line with the instructions I hope! Attaching some screenshots of our user groups and levels setup and the plugin advanced config. Have I made a simple mistake somewhere?
Attachments:
Last Edit: 2 months 6 days ago by NickV.

Please Log in or Create an account to join the conversation.

More
2 months 6 days ago #2549 by michael
michael replied the topic: Third Party Cookies not being removed
3rd party cookies can be prevented, but once set they cannot be removed by any site but the site that set them.

So, my extension uses the Joomla ACL to prevent elements that set 3rd party cookies from loading. Once they're loaded, however, your site/browser is restricted by the Javascript Same-Origin policy. google.com can't set cookies for your site, and your site can't set cookies for google.com.

en.wikipedia.org/wiki/Same-origin_policy

Please Log in or Create an account to join the conversation.

More
2 months 5 days ago - 2 months 5 days ago #2552 by NickV
NickV replied the topic: Third Party Cookies not being removed
Thank you Michael. If my understanding is correct you're saying that a 3rd party cookie from YouTube, Vimeo etc can't be removed if it's already been set. My problem is that they are being set right from the get-go even if the user has requested to decline all cookies. My third party cookies all originate from iframes (e.g. Issuu) or from embeds via the All Videos plugin (e.g. YouTube).

I think I have set everything up right because I can make a module appear and disappear when assigning it to a viewing level. Further the session cookie (?) (the one with the website's URL as its name) comes and goes correctly too. As I say I just need to prevent 3rd party cookies from being set in the first place which should be possible.
Last Edit: 2 months 5 days ago by NickV.

Please Log in or Create an account to join the conversation.

Forum Access

  • Not Allowed: to create new topic.
  • Not Allowed: to reply.
  • Not Allowed: to add attachements.
  • Not Allowed: to edit your message.
Kunena Forum

Forum Menu