The PrestaShop plugin by iubenda allows you to automate the implementation of the cookie law rules, drastically reducing the necessity for direct interventions in the site’s code.
HEAD
section);If the installation is successful, you’ll get this message:
The module will then appear in your list of modules under “Modules & Services”.
Now it’s time to go configure the settings of the module.
Now that the module is ready, we need to feed it the necessary information from your iubenda account.
Once configured, the plugin will begin to show the banner on which your cookie policy will be shown/linked to users that visit your site for the first time without the need for any other further configurations. The plugin will also recognize and automatically detect and block the cookies indicated in the above block-list, that are present on your site.
Our PrestaShop extension automatically blocks scripts that are generated on the server side (therefore returned by PHP by PrestaShop). Scripts that are inserted into the page via JavaScript after the loading process of that page are not and cannot be blocked automatically.
These scripts can be blocked by entering the source into the Custom Script boxes in the plugin console or by using the manual wrapping method illustrated in the example below and (in more detail) in this help post
The Custom Scripts field makes it easy for you to block scripts inserted into the page directly from within the plugin console. This greatly reduces the need for direct edits to the site’s code.
Here’s how to do it:
Using these fields are pretty straightforward. Simply enter the script or iframe src attribute you’d like to block.
If you wanted to block a social button (which inserts scripts into the page via JavaScript), you’d simply need to enter the script source, e.g. connect.socialwebsite.net/en_US/track.js
into the scripts field.
Let’s say you wanted to block scripts inserted into the page via the following iframe
<iframe width="1280" height="720" src="https://www.videowebsite.com/embed/xxFhMChxx" frameborder="0" allow="accelerometer; autoplay; encrypted-media; gyroscope; picture-in-picture" allowfullscreen></iframe>
What you’ll need to enter into the iframe field would videowebsite.com/embed/
videowebsite.com/embed/xxFhMChxx
) to ensure that all scripts coming from the actual source are blocked.
This method requires you to directly modify your site’s code. You’ll need to go into the relevant section of your site’s code and add the scripts to be blocked as explained below.
<!--IUB-COOKIE-BLOCK-START-->
<script>
(function(d, s, id) {
var js, fjs = d.getElementsByTagName(s)[0];
if (d.getElementById(id)) return;
js = d.createElement(s);
js.id = id;
js.src = "http://connect.socialwebsite.net/en_US/sdk.js#xfbml=1&version=v2.3&appId=808061959224601";
fjs.parentNode.insertBefore(js, fjs);
}(document, 'script', 'socialwebsite-jssdk'));
</script>
<!--IUB-COOKIE-BLOCK-END-->
If there are HTML / IMG / IFRAME elements, you will need to do it this way:
<!--IUB-COOKIE-BLOCK-START-->
<iframe src="...
<img src="...
<!--IUB-COOKIE-BLOCK-END-->
For API calls and xmlrpc we suggest the parameter ?iub_no_parse=1
.
Always remember to back up your website before attempting any fix.
In some rare cases, the system may return a “forbidden” error when you enter the Cookie Solution script, or any other script, into the Cookie Solution module and click “Save”.
This is likely related to a ModSecurity property of Apache activated in the PrestaShop backend. To solve the issue, you’ll need to disable the mod_security module. You can do this using the following procedure:
Click on Shop Parameters -> Click on Traffic&Seo -> Find the “Disable Apache ModSecurity Module” and set to “Yes”.
If for some reason the procedure doesn’t work, it may be necessary to contact your web hosting provider regarding your particular site restrictions.
Fix: Follow code standard to avoid conflict on overriding
Fix: Add per-purpose on inline script tags
Tweak: Add GA to per-purpose blocking support
Fix: Move FB connect to experience enhancement
Tweak: Add Google GPT to per-purpose blocking support
Fix: admin.js ready method deprecation
Fix: limit url sanitize to http protocols
Fix: AddThis per-purpose category
New: Per-purpose script blocking support
New: “Reject” button support
Tweak: Simple HTML Dom PHP class update to 1.9
Tweak: Code handled with official code validator
New: Introducing a way to skip specific script parsing
Fix: Improved handling of iubenda script HTML
Tweak: Support links update
Tweak: Adjust the iubenda PHP class handling
Tweak: Update iubenda logo
New: Option to block custom scripts and iframes
Tweak: Update and extend the list of blocked scripts including Google Site Search, Google oAuth, LinkedIn widgets, PayPal widgets, Freshchat, UserVoice, AdRoll, Olark, Segment, Kissmetrics, Mixpanel, Pingdom, Bing and Elevio
Tweak: Update and extend the list of blocked scripts including Pinterest, AddThis, Disqus, Optimizely, Neodata, Criteo, Outbrain, Headway and CodePen
Tweak: Interface improvements
Fix: Invalid iubenda parser implementation
Tweak: Update and unify iubenda parsing engine
Fix: Eage output empty if script blocking disabled
Tweak: iubenda faster class regex update
Initial release