New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Changed consent status to consider opt-in and opt-out status for dimiss event #284

wants to merge 3 commits into
base: master


None yet
5 participants

AquaGenLive commented Apr 5, 2018

As soon as you like to use opt-in with the cookieconsent script the hasConcented() function doesn't work as expected.

hasConsented() returns true, if status is dismiss. This is wrong because opt-in can only be true if the status is allowed.

@AquaGenLive AquaGenLive changed the title from Changed consent status to consider opt-in and opt-out status to Changed consent status to consider opt-in and opt-out status for dimiss event Apr 6, 2018


changes works for me


DanMan approved these changes May 23, 2018


This comment has been minimized.


alexmorleyfinch commented Jul 13, 2018

TL; DR I wanna copy and paste

Add this snippet to your cookieconsent configuration object.

      // ...

      compliance: {
        info: '<div class="cc-compliance">{{dismiss}}</div>',
          '<div class="cc-compliance cc-highlight">{{allow}}{{deny}}</div>',
          '<div class="cc-compliance cc-highlight">{{deny}}{{allow}}</div>'

      // ...


I think their may be some confusion which was not really helped by ourselves. hasConsented() is working as expected, it's the default config that is the issue.

There are 3 consent levels. There is allow, deny and dismiss. The reason we have 3 rather than 2 is probably unnecessary and clearly a point of confusion, but it's too late to remove it now.

Allow is "I accept cookies". Deny is "I do NOT accept cookies" and Dismiss is "I don't care, go away" (which is essentially the same as "I accept cookies"). The reason we decided to differentiated between the two is because we wanted to be able to imply the consent level from the Cookie value alone. I.E third party tools can read the cookie and understand whether the consent was implicit or explicit. I.E allow/deny is explicit, and dismiss is implicit.

The reason I am explaining all of this is because the problem stems from a miss configuration of the tool's default options. See below:

Existing default configuration

  compliance: {
    info: '<div class="cc-compliance">{{dismiss}}</div>',
      '<div class="cc-compliance cc-highlight">{{dismiss}}{{allow}}</div>',
      '<div class="cc-compliance cc-highlight">{{deny}}{{dismiss}}</div>'

As you can see, 'opt-in' contains {{dismiss}}{{allow}}. This is a problem because it means that both of these buttons have the same effect (they both allow cookies), which is pretty damn confusing. This is why hasConsented() returns true for both buttons. This was an oversight on our side.

People can fix this behaviour by setting the config as so:


  // ...

  compliance: {
    'opt-in': '<div class="cc-compliance cc-highlight">{{deny}}{{allow}}</div>'

  // ...

Or you can do {{allow}}{{deny}} if you want the buttons the other way around.

I'd also recommend changing the 'opt-out' settings too, like so:

    'opt-out': '<div class="cc-compliance cc-highlight">{{allow}}{{deny}}</div>'

This way, only the info type contains the {{dismiss}} button.

I think this should be the recommended fix for this issue, seeing as the hasConsented function is functioning as originally designed, and modifying it now could have some backward compatibility issues.

I'll be updating the default configuration to solve this problem in a future release, so this will no longer be an issue. Until then, the workaround is above. For convenience, I'll paste the full fix that I'll be committing to the repo at the top of this response.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment