Sometimes a script is loaded from an external source. and here is how to deal with it.
To block or allow external cookie-setting scripts we need to use two custom
attributes handled by js library:
- data-consent-src which keeps the src of the script to be executed, and
- data-category-consent which keeps the label of the category (i.e.:
'cookie_cat_marketing').
Also, we need to leave the src attribute empty. So, we have to move value from 'src'
attribute to 'data-consent-src'.
Original code
Example of an external script:
<script type="text/javascript" src="http://example.marketingscript.com"></script>
Using the Cookie Control SDK and setting the cookie_cat_category to marketing
<script type="text/javascript" src=""
data-consent-src="http://example.marketingscript.com"
data-category-consent="cookie_cat_marketing"></script>
Example scenarios:
The visitor consent to marketing cookies:
- visitor agrees on setting marketing type cookies (cookie_cat_marketing)
- website loads
- js library finds the script
- js library fires script with src="http://example.marketingscript.com", because it has
the data-category-consent attribute set to the category that is agreed on by the user - the request fires marketing cookies from this initiator can be set in visitor's browser
The visitor doesn't want marketing cookies to be set in his/her browser:
- visitor disagrees on setting marketing type cookies (cookie_cat_marketing)
- website loads
- js library finds the script
- js library blocks request (http://example.marketingscript.com), because it has
the data-category-consent attribute set to the category that he/her disagreed on - the request doesn't fire–marketing cookie from this initiator can't be set in visitor's browser