pwix:cookie-manager
A cookie management package for Meteor which aims to conform to "Guidelines 05/2020 on consent under Regulation 2016/679" EU recomandations.
It provides:
-
the methods to let the application (resp. another package) publish their respectives cookies to respect the disclosure obligation
-
a consentement dialog as a Blaze component
-
the methods to let the application (resp. another package) get the cookies status.
This has been written because selaias:cookie-consent
seems to no more be maintained. So the need of a current package has arisen. Note that, contrarily to selaias:cookie-consent
, this one doesn't requise ostrio:cookies
. Instead, it relies on localStorage
to store user consentement.
The cookie object
pwix:cookie-manager
doesn't manage the cookies by themselves, I mean their value. So, whether the cookie is really a cookie, i.e. a data file sent from the server to the client before HTTP headers, and so on, is entirey up to the application (resp. another package).
Instead, pwix:cookie-manager
manages what can be called the cookie semantic, i.e. a name and a description, an originator, a category, a status, along with some other properties which are only lelevant for the aim of management. All that semantic, along wihh the user consentement, is stored in the localStorage
of the browser.
pwix:cookie-manager
distinguishes five type of cookies:
CM_CAT_TECHNICALS
CM_CAT_FUNCTIONALS
CM_CAT_STATISTICS
CM_CAT_MARKETING
CM_CAT_THIRD
pwix:cookie-manager
makes the cookie have three status:
-
it may be enabled and not disableable: the cookie is operational, and the user cannot refuse it
-
it may be enabled and disableable: the cookie defaults to be operational, but the user can refuse it
-
it may be disabled: the cookie is not operational, has been previously refused by the user.
Configuration
The package's behavior can be configured through a call to the cookieManager.configure()
method, with just a single javascript object argument, which itself should only contains the options you want override.
There is at the moment a single configuration option:
-
verbosity
Define the expected verbosity level.
The accepted value can be any or-ed combination of following:
-
CM_VERBOSE_NONE
Do not display any trace log to the console
-
CM_VERBOSE_COMPONENTS
Trace Blaze components life:
- creation
- rendering
- destruction
-
CM_VERBOSE_CONFIGURE
Trace
cookieManager.configure()
calls and their result -
CM_VERBOSE_DUMP
Dump the
cookieManager
global object at startup. -
CM_VERBOSE_STORAGE
Dump the localStorage first at startup, and then on user choice from
cmConsent
(client-side only).
-
Please note that cookieManager.configure()
method should be called in the same terms both in client and server sides.
Also note, as an explicit reminder for the fools, that, because the Meteor packages are instanciated at application level, they can be configured once at most, and only once at most. Each addtionnal call to cookieManager.configure()
will just override the previous one. You have been warned: only the application should configure a package.
Provides
A global object
cookieManager
This object is allocated at package level: there is only one instance in your application. It gathers the available methods (see below).
pwix:cookie-manager
attaches this global object to the global Meteor one, so that every willing-to packages is able to take advantage of the available methods to publish their own cookies throught Meteor.cookieManager
, without having to first require
or import
the package, or even make it a dependency.
Constants
-
CM_VERBOSE_NONE
-
CM_VERBOSE_COMPONENTS
-
CM_VERBOSE_CONFIGURE
-
CM_VERBOSE_DUMP
-
CM_VERBOSE_STORAGE
-
CM_CAT_TECHNICALS
-
CM_CAT_FUNCTIONALS
-
CM_CAT_STATISTICS
-
CM_CAT_MARKETING
-
CM_CAT_THIRD
References
cookieManager.Categories
The array of the known cookies categories:
CM_CAT_TECHNICALS
CM_CAT_FUNCTIONALS
CM_CAT_STATISTICS
CM_CAT_MARKETING
CM_CAT_THIRD
Methods
cookieManager.byCategory( category )
Returns the array of published cookies for the specified category.
cookieManager.configure( o )
See above.
cookieManager.isEnabled( name )
Returns whether the named cookie is authorized by the user.
cookieManager.publish( o )
This method let the application (resp. another package) publish the cookies it makes use of, so that the user is able to be informed of what he accepts or refuses.
In order to not rely on the initialization order, this method should be called from Meteor.startup()
.
o
here is either a javascript object which describes a cookie, or an array of such javascript objects. It may contains following datas:
-
name
The technical name of the cookie, as a string, so that, for example, this coud be checked by the user in his browser.
This
name
is expected to be a unique identifier of the cookie, cannot be empty. -
responsible
The application (resp. another package) name, as a string.
-
category
The category the cookie belong to.
Must be referenced in
cookieManager.Categories
. -
description
A brief description of the role of the cookie, as a string.
Defaulting to none.
-
lifetime
The lifetime of the cookie, as a string, from just the navigation session life to illimited.
Defaulting to english « Unknown ».
-
disableable
Whether the cookie can be refused by the user.
Defaulting to
true
. -
link
When we are describing a third-party cookie, the third-party main web site address.
Defaulting to none.
Blaze components
cmConsent
A modal dialog which let the user choose his privacy preferences.
The component is configurable with an object passed as an argument, which may contain:
-
dialogTitle
An optional string to be used as title in the dialog header, defaulting to english « Cookies preferences ».
-
acceptButton
An optional string to be used as the label of the
Accept all
button, defaulting to english « Accept all ». -
chooseButton
An optional string to be used as the label of the
Set my choices
button, defaulting to english « Set my choices ». -
functionalsAfter
An optional HTML string to be used after the content of the
functionals
tab, defaulting to nothing. -
functionalsBefore
An optional HTML string to be used before the content of the
functionals
tab, defaulting to nothing. -
functionalsContent
An optional HTML string to be used as the content of the
functionals
tab, defaulting to english« ...
-
functionalsLabel
An optional string to be used as the label of the
functionals
button, defaulting to english « Functional cookies ». -
functionalsTitle
An optional HTML string to be used as the title of the
functionals
tab, defaulting to HTML '<h5>Functional cookies</h5>
'.. -
marketingAfter
An optional HTML string to be used after the content of the
marketing
tab, defaulting to nothing. -
marketingBefore
An optional HTML string to be used before the content of the
marketing
tab, defaulting to nothing. -
marketingContent
An optional HTML string to be used as the content of the
marketing
tab, defaulting to english« ...
-
marketingLabel
An optional string to be used as the label of the
marketing
button, defaulting to english « Marketing cookies ». -
marketingTitle
An optional HTML string to be used as the title of the
marketing
tab, defaulting to HTML '<h5>Marketing cookies</h5>
'.. -
privacyAfter
An optional HTML string to be used after the content of the
privacy
tab, defaulting to nothing. -
privacyBefore
An optional HTML string to be used before the content of the
privacy
tab, defaulting to nothing. -
privacyContent
An optional HTML string to be used as the content of the
privacy
tab, defaulting to english« When you visit a web site, it may record some informations about you, your device, the previous web site you come from, or any other information it may find useful. « These informations are stored as _cookies, or other comparable technologies, which are essentially small data files. « Because your privacy is essential for us, we request your explicit consent to use and store these cookies.
-
privacyLabel
An optional string to be used as the label of the
privacy
button, defaulting to english « Your privacy ». -
privacyTitle
An optional HTML string to be used as the title of the
privacy
tab, defaulting to HTML '<h5>Your privacy</h5>
'. -
rejectButton
An optional string to be used as the label of the
Reject all
button, defaulting to english « Reject all ». -
statisticsAfter
An optional HTML string to be used after the content of the
statistics
tab, defaulting to nothing. -
statisticsBefore
An optional HTML string to be used before the content of the
statistics
tab, defaulting to nothing. -
statisticsContent
An optional HTML string to be used as the content of the
statistics
tab, defaulting to english« ...
-
statisticsLabel
An optional string to be used as the label of the
statistics
button, defaulting to english « Statistics cookies ». -
statisticsTitle
An optional HTML string to be used as the title of the
statistics
tab, defaulting to HTML '<h5>Statistics cookies</h5>
'.. -
technicalsAfter
An optional HTML string to be used after the content of the
technicals
tab, defaulting to nothing. -
technicalsBefore
An optional HTML string to be used before the content of the
technicals
tab, defaulting to nothing. -
technicalsContent
An optional HTML string to be used as the content of the
technicals
tab, defaulting to english« ...
-
technicalsLabel
An optional string to be used as the label of the
technicals
button, defaulting to english « Technicals cookies ». -
technicalsTitle
An optional HTML string to be used as the title of the
technicals
tab, defaulting to HTML '<h5>Technicals cookies</h5>
'.. -
thirdAfter
An optional HTML string to be used after the content of the
third
tab, defaulting to nothing. -
thirdBefore
An optional HTML string to be used before the content of the
third
tab, defaulting to nothing. -
thirdContent
An optional HTML string to be used as the content of the
third
tab, defaulting to english« ...
-
thirdLabel
An optional string to be used as the label of the
third
button, defaulting to english « Third-party cookies ». -
thirdTitle
An optional HTML string to be used as the title of the
third
tab, defaulting to HTML '<h5>Third-party cookies</h5>
'..
This dialog is modal, i.e. it blocks any user input other than clicking one the three buttons.
-
English version
-
French version
cmSliding
A sliding alert band displayed in the bottom of the screen, to let the user be informed or the existence of a cookies policy.
Contrarily to cmConsent
, this component is not blocking. The user is able to just ignore it.
As this component provides a link to the cookies manager modal dialog, it may take the exact same parameters than cmConsent
, plus some specifics:
-
cookiesPolicy
Whether to display a link to the site wookies policy.
If provided, then the component will display a short sentence « Read our cookies policy ».
On click, the
cm-policy-click
event will be triggered oncmSliding
component.Defaults to
false
.
And that is an english version
And a french version
Informational messages
cm-policy-click
This event is triggered on the cmSliding
component when the developer has requested the display of a link to the cookies policy, and the user has clicked this link.
NPM peer dependencies
Starting with v 0.1.0, and in accordance with advices from the Meteor Guide, we no more hardcode NPM dependencies in the Npm.depends
clause of the package.js
.
Instead we check npm versions of installed packages at runtime, on server startup, in development environment.
Dependencies as of v 1.0.0:
'merge': '^2.1.1'
Each of these dependencies should be installed at application level:
meteor npm install <package> --save
Translations
New and updated translations are willingly accepted, and more than welcome. Just be kind enough to submit a PR on the Github repository.
Cookies and comparable technologies
pwix:cookie-manager
makes use of localStorage
to record its technical and functionals required informations. All of these are considered as non disableable by the user, and are advertised as such.
P. Wieser
- Last updated on 2023, May 1st