use <button> instead of <a> where applicable

Build/cookieman_test_customtheme/Extensions/cookieman/Resources/Private/Themes/customTheme/Templates/Popup.html

@@ -69,16 +69,16 @@ <h5 class="modal-header" id="cookieman-modal-title">
             </div>
 
             <div class="modal-footer">
-                <a data-cookieman-save
+                <button data-cookieman-save
                    class="btn btn-default"
-                   href="" rel="nofollow"
                 >
                     {f:translate(key: 'save')}
-                </a>
-                <a data-cookieman-accept-all data-cookieman-save
-                   href="" rel="nofollow" class="btn btn-primary">
+                </button>
+                <button data-cookieman-accept-all data-cookieman-save
+                   class="btn btn-primary"
+                >
                     {f:translate(key: 'accept')}
-                </a>
+                </button>
             </div>
         </div>
     </div>

Documentation/Developer/Index.rst

@@ -38,11 +38,15 @@ cookieman.show()
 :aspect:`Description`
    Shows the confirmation modal. You can call that from anywhere you need it (e.g. with a link from your data protection declaration page).
 
-   .. code-block:: js
+   .. code-block:: HTML
+
+      <button onclick="cookieman.show()">
+        Adjust your cookie preferences
+      </button>
+
+   .. attention::
 
-      <a href="" onclick="cookieman.show(); return false">
-        Cookie settings
-      </a>
+      If your website uses a strict `Content-Security-Policy` (see `Mozilla Developer Network <https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP>`__) the onclick= needs to be replaced with registering a click-handler from an external <script> (also see :ref:`how cookieman supports Content-Security-Policy <content-security-policy>`).
 
 
 cookieman.hide()