search

woocommerce / facebook-for-woocommerce

A first-party extension plugin built for WooCommerce. Development is managed by Ventures.
https://woocommerce.com/products/facebook/
GNU General Public License v2.0
206 stars 134 forks source link

Can't disable Pixel when website is cached. GDPR + CDN #2576

Open edirpedro opened 1 year ago

edirpedro commented 1 year ago

I'm getting problems when combining Pixel with cached pages, using Varnish or a CDN. this is my scenario:

  1. Can't create a custom cache on the server, I need to use the host solution only.
  2. Can't use the PHP filter "facebook_for_woocommerce_integration_pixel_enabled" because the page will be cached without the Pixel and served to all other users.
  3. I can only rely on the client side to handle the opt-in and out for Pixel, but I didn't find a way to manage this.

What I think that could be a solution, just an ideia, not tested.

Instead of add the scripts direct on the page, we need a JS Hook to check if this can be done or not and only after that we add the script source and all the rest to start up the Pixel or any other third party application. Like this using WP JS Hooks:

addFilter( 'facebook_for_woocommerce_integration_pixel_enabled', 'facebook_for_woocommerce', consent_for_facebook_pixel );
function consent_for_facebook_pixel() {
    return document.cookie.indexOf('consent-facebook-pixel=true') >= 0;
}

Without checking the user consent on the server side, there is no problem creating caches on the server or using a CDN, the Pixel will be on the HTML but only injected on the page after checking it on the client side, according to user consent.

Additional information

https://developers.facebook.com/docs/meta-pixel/implementation/gdpr

There is an option at documentation, using fbq('consent', 'revoke');. But it has to be setted before the fbq('init', '<your pixel ID>'); and this can't be done with the plugin since the script don't have this option.

But wait, this solution still allows Facebook to track the user since it revokes after the scripts are loaded! This is not a GDPR solution.

Originally posted by @edirpedro in https://github.com/woocommerce/facebook-for-woocommerce/issues/301#issuecomment-1095252894

betagoo commented 4 months ago

Is there any hook to paste: fbq('consent', 'revoke'); before fbq('init', '<your pixel ID>'); I search whole code and I not found any consent revoke.

rawdreeg commented 4 months ago

@edirpedro @betagoo

You can use you the facebook_woocommerce_pixel_init to prepend fbq('consent', 'revoke'); to the facebook_woocommerce_pixel_init code

Here's an axample implementation you can use in your child's theme function.php:


function prepend_fb_consent_to_pixel_init( $original_script ) {
    // Your consent code to prepend
    $consent_code = "fbq('consent', 'revoke');\n";

    // Prepending the consent code to the original pixel init code
    $modified_script = $consent_code . $original_script;

    return $modified_script;
}

// Adding your custom filter to modify the facebook_woocommerce_pixel_init output
add_filter( 'facebook_woocommerce_pixel_init', 'prepend_fb_consent_to_pixel_init', 10, 1 );
edirpedro commented 4 months ago

@rawdreeg Facebook tell us to do this way but this action does make it track te user since the scripts are already loaded on page before this action. The right way should be simply not include the scripts on the page, to not make any request to the Facebook servers.

rawdreeg commented 4 months ago

Thanks for your reply @edirpedro

Yes, the https://connect.facebook.net/en_US/fbevents.js script is loaded before . I'll keep this issue open for client site solution for preventing fbevents.js from getting included into the page. But the goal is to revoke the consent then facebook_woocommerce_pixel_init should help.