Comments (6)
Hi Henri,
fe_typo_user is a HTTP cookie in contrast to "normal" (HTTP +) HTML cookies.
They can only be set via HTTP-headers (Set-Cookie: ... ; HttpOnly
) and are not accessible in JavaScript.
cookieman is by design not able to unset or alter HTTP cookies.
Usually browser devtools show the type of cookie:
HTTP cookies are a good thing and should be used whenever possible because they are not prone to be read by some JavaScript library. See Session hijacking and XSS
at https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies for an example. They can also be used for fingerprinting.
We have a little information here https://docs.typo3.org/p/dmind/cookieman/master/en-us/Configuration/Reference/Index.html#trackingobjects-tracking-object-key-show-tracking-item-key-type - do you suggest making the different types of cookies more clear there?
from extension-cookieman.
Ok. Thanks for the clarification. We had that subject once before, but I missed to see it here. Important session cookies(login) will not be subject to javascript manipulation. Got it.
from extension-cookieman.
maybe have a comment line at the place to hint this aspect.
from extension-cookieman.
@TrueType Can you propose one, please?
from extension-cookieman.
Hmm. At first I thought putting a comment in fe_typo_user.typoscript above the type
property. But that is not general enough. The code examples bring 4 types, only one of which has the removal of cookies. So it may be better to have an explanation of the type
property altogether. I check the documentation for it. But there is nothing about types there. I guess there should be a chapter about types in the documentation. Possibly with some background and links to the matter. To say, some cookies may not be removed by JS. What is LocalStorage. ... Then there is an example setup.typoscript in the code and and example TS for type pixel
. There is no general example for tracking objects or not 4 TS tracking object examples by type in the code. A single example in the code may be enough to have a hint -> see documentation for types. 4 examples would make it very clear, that type is important.
I hope you don't think I am talking bullshit. The extension and documentation is already high quality. There is no need for overperfection.
from extension-cookieman.
Glancing through the documentation I think we have some misleading information in it.
The how-to has an HTTP cookie example with htmlCookieRemovalPattern
which does not make any sense.
Here and here we advertise cookie removal but fail to explain that this is only possible for HTML cookies.
In the reference we should note that cookie_http+html
is the only one that allows cookie removal. Also the type pixel
from the newly added FacebookPixel example should be added there.
from extension-cookieman.
Related Issues (20)
- typo3/cms-composer-installers:^4 compatibility will need some work HOT 4
- Add test if the modal window can be displayed HOT 7
- group.respectDnt = 0 is not respected HOT 4
- Too few arguments to function Dmind\Cookieman\DataProcessing\TypoScriptSettingsProcessor::__construct(), 0 passed in HOT 2
- EditorConfig sets wrong indent size HOT 5
- Logo in modal header HOT 2
- Class btn-small doesn't exist in Bootstrap 3
- Google Consent Mode Integration HOT 2
- CookieConsent cookie expires only after 1 week HOT 4
- Accessibility: Fix headline hierarchie in modal HOT 1
- TYPO3 12 compatibility HOT 17
- htmlCookieRemovalPattern for GA4 tag HOT 3
- Could it be possible to include bootstrap js in extension HOT 1
- Option to refresh page if user accept all cookies HOT 2
- Cookies get set on page refresh despite preferences HOT 2
- Setting: Open with a time delay HOT 4
- Update Google trackingObjects, lifespan etc. from official source HOT 1
- vanilla JavaScript is the future HOT 5
- Is there a way to link local/extension script-files via inject()? HOT 1
- Condition parse error HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from extension-cookieman.