Manage `Set-Cookie` headers

[over-engineer]

Expanding on #43, we should look into implementing a mechanism to conditionally block Set-Cookie HTTP headers.

This is going to prevent cookies from being set via the setcookie() function.

(cc: @formaciongrafica)

[formaciongrafica]

Hello Konstantinos

I just found this tool that I found interesting: https://wordpress.org/plugins/wp-consent-api/

In case it contributes in any way, I share it here:

What problem does this plugin solve? Currently, it is possible for a consent management plugin to block third-party services like Facebook, Google Maps, Twitter, etc. But if a WordPress plugin places a PHP cookie, a consent management plugin cannot prevent this.

Secondly, some plugins integrate the tracking code on the clientside in javascript files that, when blocked, break the site.

Or, if such a plugin’s javascript is minified, causing the URL to be unrecognizable and won’t get detected by an automatic blocking script.

Lastly, the blocking approach requires a list of all types of URL’s that tracks data. A generic API where plugins adhere to can greatly facilitate a webmaster in getting a site compliant.

Does usage of this API prevent third-party services from tracking user data? Primary this API is aimed at compliant first-party cookies or tracking by WordPress plugins. If such a plugin triggers, for example, Facebook, usage of this API will be of help. If a user embeds a Facebook iframe, a blocking tool is needed that initially disables the iframe and or scripts.

Greetings and thanks. Plácido.