By Manish Gautam
updated 3 months ago
This article covers the scenario when the iframes embedded on your website, set cookies and trackers and thereby require the visitor's prior consent.
These are generally third party content providers like YouTube and Vimeo. To hold back cookies until the website visitor has consented, Secure Privacy will block loading the video until the visitor has provided consent.
We will take an example of Youtube, to implement prior consent. You can follow these simple steps to implement prior consent.
- Apply the attribute sp-consent="PLUGIN NAME" to the iframe tag on your website. Make sure that you write the exact plugin name, which appears on your Scan Report.
- Change the attribute “src” from “src” to “data-src”.
<iframe src="https://www.youtube.com/embed/xxxxxxxxxxx" frameborder="0" allowfullscreen></iframe>
changes to the following (rename 'src' to 'data-src' and apply the sp-consent="PLUGIN NAME" attribute to the tag):
<iframe data-src="https://www.youtube.com/embed/xxxxxxxxxxx" sp-consent="PLUGIN NAME" frameborder="0" allowfullscreen></iframe>
Note: YouTube offers you to serve videos from the alternative domain www.youtube-nocookie.com which is not setting HTTP cookies. Instead, the alternative domain is setting persistent "super cookies" in the browser's HTML Locale Storage which also requires consent.