Open philipp-classen opened 1 month ago
The proper fix is arguably to add Pandectes as a consent manager in https://github.com/ghostery/trackerdb
On a second thought, the filter is so generic: /consent-tracking-api.js
Adding it directly to TrackerDB will likely lead to false-positives; that means, requests that would be wrongly attributed to Pandectes. Instead, it looks best to simply add an exclusion for it. In other words, disabling the rule in Ghostery as a first step; afterwards we can see if there is more things that needs to be improve.
The rules is removed now and an update is on the way.
I'll leave this issue open, since I cannot tell if it fixes already all problems.
The script /consent-tracking-api.js is from Shopify Consent API and is also required and needs to run - the Pandectes CMP script is https://cdn.shopify.com/extensions/02d924bd-ccab-48ca-befb-11ad58fdd7a4/pandectes-gdpr-compliance-68/assets/pandectes-core.js The proper rule should be any script that starts with name pandectes-*
@tsirakis I'm sorry, but I cannot reproduce. There is a request to https://cdn.shopify.com/extensions/02d924bd-ccab-48ca-befb-11ad58fdd7a4/pandectes-gdpr-compliance-68/assets/pandectes-core.js
, but it is not blocked by Ghostery. (I tested on https://pandectes.myshopify.com/ and tried with Firefox, Chrome, and Edge.)
If you can still reproduce, can you please share the type of browser that you're using? Are there extra steps, or is it sufficient to visit https://pandectes.myshopify.com/?
I cannot see details on your plugin, but on Firefox 126.0 (64bit) on Mac with the plugin enabled, our banner doesn't load.
Okay, you mean the cookie popup is not shown. On https://pandectes.myshopify.com/ (left: with Ghostery, right: without Ghostery) both on Firefox 126:
The community lists block other requests, which leads currently to this behavior. Well, for typical Ghostery user, this should not be too bad. I will leave it open and add the "Never-Consent - no cookie popup". The standard behavior in the context of Ghostery would be that the dialog is not suppressed, but being shown and handled by Never-Consent.
With the next update of the adblocker, this can be tested again (this be live tomorrow).
Background: we merged a related fix here: https://github.com/ghostery/broken-page-reports/issues/656. It fixes a problem that could have been a regression that I introduced by unblocking the request last week (https://github.com/ghostery/broken-page-reports/pull/651).
Thank you for your update. I can still see that our app overlay (id: gdpr-blocking-page-overlay) is blocked—with the plugin ON, the overlay div is not visible, and with the plugin OFF, it is visible.
On Thu, 23 May 2024 at 12:16, Philipp Claßen @.***> wrote:
With the next update of the adblocker, this can be tested again (this be live tomorrow).
Background: we merged a related fix here: #656 https://github.com/ghostery/broken-page-reports/issues/656. It fixes a problem that could have been a regression that I introduced by unblocking the request last week (#651 https://github.com/ghostery/broken-page-reports/pull/651).
— Reply to this email directly, view it on GitHub https://github.com/ghostery/broken-page-reports/issues/650#issuecomment-2126624985, or unsubscribe https://github.com/notifications/unsubscribe-auth/AACULQZ7GDZ7CSRKEDTPC33ZDWXWDAVCNFSM6AAAAABH4EMSH6VHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDCMRWGYZDIOJYGU . You are receiving this because you were mentioned.Message ID: @.***>
Thanks, I can confirm that the overlay is still hidden. (Will be potentially fixed by https://github.com/ghostery/broken-page-reports/commit/0a43ecb7ce06376313ca4ec25e72a733dc0fee77, which brings the exclusion rule #@#gdpr-blocking-page-overlay
)
@philipp-classen I'm adding a new page reported by the User: https://www.actdesignshop.nl/
From what I can see, the cookie pop-up is hidden. On the right side is Edge with 10.3.4, on the left is Firefox with 8.12.11
Ghostery is paused in Firefox:
On https://pandectes.myshopify.com/, Ghostery blocks the request to
https://pandectes.myshopify.com/cdn/shopifycloud/consent-tracking-api/v0.1/consent-tracking-api.js
The filter is
/consent-tracking-api.js
and comes from the community list : https://github.com/easylist/easylist/blob/bceee49aab9f1f0fca4e7a19596020d56191993f/easylist_cookie/easylist_cookie_general_block.txt#L146As it is a script that is primarily used for consent management, we should not block it by default in Ghostery. (We do not maintain the community list, so changing the entry is out of scope.)