News:

Bored?  Looking to kill some time?  Want to chat with other SMF users?  Join us in IRC chat or Discord

Main Menu

[WIP/BETA] EU cookie law

Started by emanuele, April 21, 2012, 04:30:56 PM

Previous topic - Next topic
Print
Go Down Pages 1 ... 6 7 8 9 10 ... 13
User actions

martec

#140
May 26, 2012, 10:11:22 PM
Quote from: Arantor on May 26, 2012, 07:52:46 AM
Well, XenForo is particularly relevant, it's a paid forum software based primarily (entirely?) in the UK and they've not made any active moves towards it at all.

mybb is free but has plugin hxxp:mattrogowski.co.uk/mybb/plugins/plugin/cookie-law [nonactive]

Arantor

#141
May 26, 2012, 10:25:38 PM
With all due respect, that's not the point.

The point is XenForo is a UK-based forum software, whereas MyBB isn't. And XenForo is not making any moves that I can see towards changing their situation.

CircleDock

#142
May 27, 2012, 01:35:13 AM
Quote from: martec on May 26, 2012, 10:11:22 PM
Quote from: Arantor on May 26, 2012, 07:52:46 AM
Well, XenForo is particularly relevant, it's a paid forum software based primarily (entirely?) in the UK and they've not made any active moves towards it at all.

mybb is free but has plugin http://mattrogowski.co.uk/mybb/plugins/plugin/cookie-law
Well that plug-in doesn't work, I received 3 cookies just to read the cookie warning message. It also sets a cookie if you decline to accept them!

JohnS

#143
May 28, 2012, 08:53:37 AM
Given the 11th hour update allowing implied consent I have now just gone for the Google solution, a simple javascript and one line in the template which requires all first time visitors to agree to cookies or get diverted back to another site of your choice, with of course a link to the privacy page which defines what cookies are used.
Whilst it may not fully fill the letter of the law, I feel it is enough to fill the meaning of the directive.

http://code.google.com/p/cookie-warning/

Arantor

#144
May 28, 2012, 08:56:10 AM
Funnily enough that won't prevent search engines like Google getting to your site, and anyone who has JS disabled won't even see it anyway, but it's probably acceptable in the eyes of the law because you're making reasonable attempts to do so (though the cookie still gets *set* anyway)

feline

#145
May 28, 2012, 09:30:43 AM
That script helps nothing .. if it's shown, SMF have created cookies  :D

JohnS

#146
May 28, 2012, 10:13:37 AM
Yes, as I said it does not fulfil the letter of the law, at least the UK law. But it does give the visitor an informed choice as to whether to continue on the site or not, which should meet the implied permission ruling.
Although it does not delete the cookies and allows the session ID to be set, the session ID will go when the browser is closed and the log in cookie is only for logged in members who have signed up knowing that cookies are set, that is something I did last year so I was never worried about setting cookies for logged in members.
I agree that if you have javascript turned off you will not see the note, but you can put a noscript tag in with information that you have disallowed javascript and if they proceed you are implying agreement to the setting of cookies. I have not done that yet and am still considering whether it is essential.
Hopefully at some point in the future SMF will become EU friendly and build the requirement into the core code.

butchs

#147
May 28, 2012, 10:24:28 AM
Glad I am in the USA and do not have to worry about EU laws! 
I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.

Arantor

#148
May 28, 2012, 10:25:11 AM
For now. The odds are that the US will implement something similar before long.

butchs

#149
May 28, 2012, 10:29:14 AM
I doubt they will do anything until after the Presidential election.  Then there will be such a debate it will be twisted into something that benefits Corporate interests.  :o
I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.

MrPhil

#150
May 28, 2012, 10:47:09 AM
Quote from: butchs on May 28, 2012, 10:29:14 AM
Then there will be such a debate it will be twisted into something that benefits Corporate interests.

No, the debate will be for public consumption. Behind the scenes, the corporate lobbyists will make sure to write it so that it benefits the Corporacracy. My prediction is that it will be sprinkled with onerous conditions (unrelated to tracking cookies and privacy) that make it impossible for the Little Guy to run a website, particular online retailing (in the name of preventing piracy, counterfeit goods, sales tax evasion, and the decline of brick and mortar stores). Forums/blogs will also be restricted to prevent hate speech and material unsuitable for children.

Sign me up for the Revolution. It's time to display the heads of the 1% on pikes.

CircleDock

#151
May 28, 2012, 11:27:49 AM
Quote from: Arantor on May 28, 2012, 10:25:11 AM
For now. The odds are that the US will implement something similar before long.
I would expect that to codify the "Do Not Track" proposals into law. And that's probably a far more sensible way to tackle the issue since it would allow for essential cookies to be set but the site would be required to honour DNT with regard to tracking cookies.

Arantor

#152
May 28, 2012, 11:32:32 AM
Have they actually agreed on a single consistent DNT format yet? Last I saw, each of the browsers that implemented it did so differently...

CircleDock

#153
May 28, 2012, 02:32:26 PM
Quote from: Arantor on May 28, 2012, 11:32:32 AM
Have they actually agreed on a single consistent DNT format yet? Last I saw, each of the browsers that implemented it did so differently...
Apparently yes. This is the recommended method to test if DNT is set (or not):

Code Select

    $DoNotTrackHeader = "DNT";
    $DoNotTrackValue = "1";

    $phpHeader = "HTTP_" . strtoupper(str_replace("-", "_", $DoNotTrackHeader));

    if((array_key_exists($phpHeader, $_SERVER)) and ($_SERVER[$phpHeader] == $DoNotTrackValue))
    {
        // Do Not Track is enabled
    }
    else
    {
        // Do Not Track is not enabled
    }

Arantor

#154
May 28, 2012, 02:51:15 PM
If you're referring to the DNT measures indicated by http://donottrack.us/ please note the information as per http://ie.microsoft.com/testdrive/Browser/DoNotTrack/Default.html though I note that Firefox 5 is mentioned rather than current versions nor is it clear what Chrome or Safari versions are relevant.

But IE8 and lower doesn't support it, Chrome current beta does not support it either, I can't find much on Opera, though IE9 and Firefox do.

CircleDock

#155
May 28, 2012, 03:40:43 PM
Agreed - although Chrome does have related settings - "Do not allow sites to track me" but that doesn't conform to "DNT".  Also you can set an option not to allow third-party cookies to be accepted which does appear to work.

Arantor

#156
May 28, 2012, 04:07:55 PM
And since Chrome is the second most popular browser (and has been known to be the most popular browser for days at a time), I would see this as a fairly major oversight...

CircleDock

#157
May 28, 2012, 09:45:22 PM
There possibly a good reason for that: Google doesn't want its browser users to reject tracking ...  ;)

nend

#158
May 28, 2012, 10:59:10 PM
Quote from: CircleDock on May 28, 2012, 09:45:22 PM
There possibly a good reason for that: Google doesn't want its browser users to reject tracking ...  ;)
Speaking of DNT, how do you track clicks on adverts?

MadTogger

#159
May 31, 2012, 12:36:55 PM
Thank you emanuele for the mod.  :)
Print
Go Up Pages 1 ... 6 7 8 9 10 ... 13
User actions
Advertisement: