Cookies
Andrew Hosgood edited this page Oct 26, 2023 · 2 revisions
The principles of cookie handling are:
- Create cookies on the client side (apart from session cookies)
- Update cookies on the client side (apart from session cookies)
- Reject by default (don't assume acceptance and don't add tracking until after they agree)
As standard we should use at least these three classes of cookies:
- `essential` - we don't need to ask permission for these
- `usage` - analytics, tracking, data gathering
- `settings` - configured options for the site (e.g. default results view or static light/dark mode)
```mermaid
sequenceDiagram
    User->>Browser: Request page
    Browser->>Server: HTTP request with no cookies
    Server->>Browser: Rendered HTML with cookie banner and no analytics
    Browser->>User: Accept cookies?
    alt Accept
        User->>Browser: Accept cookies
        Browser->>Browser: Create cookie policy with all accepted
        Browser->>Browser: Add analytics code with JavaScript
    else Reject
        User->>Browser: Reject cookies
        Browser->>Browser: Create cookie policy with all rejected
    end
    opt Next request
        User->>Browser: Request page
        Browser->>Server: HTTP request with cookie policy
        Server->>Browser: Rendered HTML with analytics but no cookie banner
    end
```
```mermaid
sequenceDiagram
    User->>Browser: Request page
    Browser->>Server: HTTP request with cookie policy
    Server->>Browser: Rendered HTML with analytics but no cookie banner
```
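The server's side of the two diagrams above, as an added example (not code from tna-frontend or this wiki): it treats the client-created policy cookie as untrusted input and falls back to "banner, no analytics" when the cookie is missing or malformed. The cookie name `cookies_policy`, its URL-encoded JSON format and the function names are assumptions.

```javascript
// Server-side reading of the client-created cookie policy (added example).
// ASSUMPTIONS, not from the page: the cookie is named "cookies_policy" and holds
// URL-encoded JSON such as {"essential":true,"usage":false,"settings":false}.
const POLICY_COOKIE = "cookies_policy";

// Parse a Cookie request header into a prototype-free map; the first value wins.
function parseCookieHeader(header) {
  const jar = Object.create(null);
  for (const part of String(header || "").split(";")) {
    const eq = part.indexOf("=");
    if (eq < 0) continue;
    const name = part.slice(0, eq).trim();
    if (!name || name in jar) continue;
    jar[name] = part.slice(eq + 1).trim();
  }
  return jar;
}

// Return the stored policy, or null when it is absent or malformed.
// Browser JavaScript writes this cookie, so the server treats it as untrusted:
// only strict booleans count, and anything unexpected means "no decision yet".
function readPolicy(header) {
  const raw = parseCookieHeader(header)[POLICY_COOKIE];
  if (raw === undefined || raw.length > 512) return null;
  let data;
  try {
    data = JSON.parse(decodeURIComponent(raw));
  } catch {
    return null;
  }
  if (data === null || typeof data !== "object" || Array.isArray(data)) return null;
  const policy = { essential: true, usage: false, settings: false }; // reject by default
  for (const key of ["usage", "settings"]) {
    if (data[key] === undefined) continue; // a missing class stays rejected
    if (typeof data[key] !== "boolean") return null;
    policy[key] = data[key];
  }
  return policy;
}

// What the rendered HTML should contain, following the sequence diagrams.
function renderDecision(header) {
  const policy = readPolicy(header);
  return {
    showBanner: policy === null, // no valid decision: ask again
    includeAnalytics: policy !== null && policy.usage === true,
  };
}
```

A value such as `{"usage":"true"}` is rejected rather than coerced, so a malformed cookie can never switch analytics on.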
When you load in the tna-frontend JavaScript, it comes with a cookie library. This is loaded into the `window` object as `TNAFrontend.Cookies`:

```js
// Initialise a new Cookie instance
const cookies = new TNAFrontend.Cookies();

// Log all the cookies to the console
console.log(cookies.all);
```

- `cookies.all` - Returns all the cookies
- `cookies.exists(key)` - Returns `true` if a cookie exists with the name `key`
- `cookies.hasValue(key, value)` - Returns `true` if the cookie with the name `key` is equal to `value`
- `cookies.get(key)` - Returns the cookie with the name `key`
- `cookies.set(key, value, maxAge, path)` - Set a cookie (max age default is one year, default path is `/`)
- `cookies.delete(key)` - Deletes the cookie with the name `key`
- `cookies.allPolicies` - Returns all the cookie policies
- `cookies.acceptPolicy(policy)` - Accepts the policy with the name `policy`
- `cookies.rejectPolicy(policy)` - Rejects the policy with the name `policy`
- `cookies.setPolicy(policy, accepted)` - Accepts or rejects the policy with the name `policy` depending on the value of `accepted`
- `cookies.acceptAllPolicies()` - Accepts all policies
- `cookies.rejectAllPolicies()` - Rejects all policies
- `cookies.isPolicyAccepted(policy)` - Returns `true` or `false` depending on whether the policy has been accepted