Breakage at gitlab.com due to consent.cookiebot.com

[crssi]

Visit gitlab.com. You must not be signed-in.

1. Click on magnify glass and observe message under search field.
2. Allow consent.cookiebot.com, clear cache, hard reload site and repeat step 1.

Cheers

[spirillen]

Hi @crssi I can't replicate that and I have blocked cookiebot.com for quit some time now... https://www.mypdns.org/search/query/j8l7kKp71Hjk/#R

[crssi]

That is very strange... will make a screen recording later today and post it here.

Cheers

[crssi]

You are right. It seem to be only cosmetic annoyance nagging about cookies not being accepted... and those cannot be accepted when cookiebot.com is blocked, but no functionality seems to be broken.

Will close this now and reopen/open when/if a real breakage is to be found.

Thank you and cheers

[anudeepND]

@crssi Blocking cookiebot.com breaks the consent form right? I think this domain should be removed so that users can either decline or accept (or allow certain cookies only)

[crssi]

@crssi Blocking cookiebot.com breaks the consent form right? I think this domain should be removed so that users can either decline or accept (or allow certain cookies only)

Yes. That is exactly right.

UPDATE: But its a cosmetic ATM... at least on gitlab.com

[anudeepND]

I have seen several websites that automatically assumes that you're agreed to set tracking cookies when you start browsing without accepting or denying the consent form. So it is better to remove the domain from the list

[spirillen]

Hmm if they do this within EU, they will be looking at a heavy fine according to the EU curt ruling last September (2019) :smile: Which is also one of the only positive thing about the GDPR, as nobody reads the policies, they just lie and clicks yes. Next to this the lies about "necessary" :cookie: which is 0 for ordinary browsing.

So for the EU citizens I would recommend keeping the record to help protect those millions of people from legal(law) tracking.

[anudeepND]

Hmm if they do this within EU, they will be looking at a heavy fine according to the EU curt ruling last September (2019) 😄 Which is also one of the only positive thing about the GDPR, as nobody reads the policies, they just lie and clicks yes. Next to this the lies about "necessary" 🍪 which is 0 for ordinary browsing.

So for the EU citizens I would recommend keeping the record to help protect those millions of people from legal(law) tracking.

As I suspected, there are two methods:

I will remove this domain from the list

[anudeepND]

Thanks @crssi for reporting. Closing

[spirillen]

I have just tested this from a non EU ip

Damned ... :thought_balloon: happy I'm moving all my issues from GH/GL... :thought_balloon:

[crssi]

Sorry @anudeepND, we have also problem with consent.cookiebot.com.edgekey.net which is inline with the domain/host reported here.

Or should I open a new issue?

Thank you

[anudeepND]

I will remove it in the next update, no need to open the new issue

[crssi]

You are a 💎 . 😄

❤️

[anudeepND]

consent.cookiebot.com.edgekey.net is not present in the list

[dnmTX]

consent.cookiebot.com.edgekey.net is not present in the list

looks like a CNAME and NextDNS blocks them as well. So whatever domain is tight to it they're both being blocked,and vise versa.

[crssi]

@anudeepND No, its not. Its only me needing a new pair of glasses and check the right browser tab before asking. 😢 I am sorry for false alert, but you are a 💎 anyway 😄.

Cheers

[anudeepND]

@dnmTX do you have any additional info?

[dnmTX]

@dnmTX do you have any additional info?

@anudeepND found two recent examples(there are more,i just got sick searching 😉 ) which concluded,at least to me that NextDNS engaging in wildcard and CNAME blocking and it could be even more: https://github.com/StevenBlack/hosts/issues/1452 https://github.com/StevenBlack/hosts/issues/1389 You be the judge 😄

[crssi]

@dnmTX @anudeepND already did the change removing cookiebot.com and with that his list has nothing to do with the consent.cookiebot.com.edgekey.net anymore, not even over CNAME lookup. I wanted to post an issue for the consent.cookiebot.com.edgekey.net to 1Hosts and to OISD which I had already opened in another browser tabs and I have mistakenly "harass" @anudeepND.

[dnmTX]

@crssi i do believe me and @anudeepND discussing NextDNS which has nothing to do with your resolutions/requests here.

[anudeepND]

@dnmTX @anudeepND already did the change removing cookiebot.com and with that his list has nothing to do with the consent.cookiebot.com.edgekey.net anymore, not even over CNAME lookup. I wanted to post an issue for the consent.cookiebot.com.edgekey.net to 1Hosts and to OISD which I had already opened in another browser tabs and I have mistakenly "harass" @anudeepND.

No worries :) @crssi

[crssi]

Oh... I see. 👍

[anudeepND]

@dnmTX thanks for the links, CNAME blocking makes it more difficult to maintain the hostfiles, I dunno how many false positives are lurking in the list 😅

[dnmTX]

@dnmTX thanks for the links, CNAME blocking makes it more difficult to maintain the hostfiles, I dunno how many false positives are lurking in the list 😅

Many complaints/issues showing up from Pi-Hole(users) as well. At least over there is straight forward,if the domain is on the list it will block it's CNAME and that's it. On the other hand with NextDNS,if you have listed some CNAME it will block it and it will also block whatever domain(s) are tight to it,even though the domain is not present in any list.

Either way removing CNAME(s) because of that reason is wrong as in many cases(as you know) they're used separately to push ads,malware and who know what other garbage. This is not the solution.....!!!!!