Cookies and Content Security Policy
| 开发者 | jonkastonka |
|---|---|
| 更新时间 | 2021年6月17日 14:59 |
| 捐献地址: | 去捐款 |
| PHP版本: | 7.0 及以上 |
| WordPress版本: | 5.7.2 |
| 版权: | GPLv2 or later |
| 版权网址: | 版权信息 |
标签
cookie
cookies
security
modal
cookie bar
gdpr
ccpa
cookie compliance
third-party cookies
csp
content security policy
translatable
下载
1.37
1.38
1.64
1.82
1.87
1.02
1.03
1.1
1.11
1.13
1.2
1.21
1.3
1.31
1.32
1.33
1.34
1.35
1.36
1.39
1.40
1.41
1.42
1.43
1.44
1.5
1.51
1.52
1.54
1.55
1.56
1.57
1.58
1.59
1.60
1.61
1.62
1.63
1.65
1.66
1.67
1.68
1.69
1.70
1.71
1.72
1.73
1.74
1.76
1.77
1.78
1.79
1.80
1.81
1.75
1.01
1.53
1.88
1.12
1.83
1.84
1.0
1.86
trunk
详情介绍:
Be fully GDPR and CCPA compliant through Content Security Policy.
Block cookies and unwanted external content by setting Content Security Policy. A modal will be shown on the front end to let the visitor choose what kind of resources to accept. It also adds a layer of security for your site since iframes, scripts and images from unknown domains are blocked.
Multilingual support through WPML, Polylang or probably any multilingual plugin out there since this plugin follows WordPress Coding Standards. See FAQ below on how to translate with WPML or Polylang.
安装:
Search for
Cookies and Content Security Policy under Plugins on your WordPress install or download and:
- Upload
cookies-and-content-security-policyto the/wp-content/plugins/directory - Activate the plugin through the 'Plugins' menu in WordPress
- Go to Settings > Cookies and Content Security Policy
屏幕截图:
更新日志:
1.87
- maps.google.com added to Quickstart for Google Maps frame.
- Quickstart for Jetpack
- Body position for CLS
- Better flex for scroll in settings modal
- Google in Quickstart checkboxes
- Patch: Bug found in "Only reload page when accepting" from 1.83
- Bust cache for js and css when new version of the plugin gets installed
- Faster enqueue of js and css, millisecond(s) faster, but on big sites ...
- Compact custom css
- Only reload page when accepting if there are visible blocked elements, like iframes and images. Otherwise just hide the modal and save the settings.
- Added Calendly to Quickstart
- Categorized resources in Quickstart
- Domains for all Google resources updated in Quickstart
- Better description on how to work with translation plugins
- Text domain
- Improvement of Google Analytics in Quickstart
- Tested up to 5.7.
- Patch bug that appeared in 1.80 when saving Settings in admin. Where Cookie policy target gave a warning when saving if it was not checked.
- Better check for double domains in Quickstart, no more double new lines.
- Added posibility to allow blob:. Found under Settings > Advanced settings.
- maps.google.com and maps.gstatic.com added to Quickstart for Google Maps.
- Added posibility to add worker. Found under Settings > Advanced settings. Then just add your worker-domains under Domains.
- Alternative link to cookie policy for those of you who have the policy on a different domain, in a PDF or something else.
- Option to open your cookie policy in a new tab.
- Accept cookies cookie has now SameSite set to strict.
- Accept cookies cookie set to secure for SSL sites.
- Patch bug in Quickstart for Twitter
- Added youtube-nocookie.com and youtu.be to Quickstart for YouTube
- Added googletagmanager.com to Quickstart for Google Analytics
- Updated text about static cache
- Descriptions for settings moved to own row, to make settings easier to skim through
- Google Translate without the extra t
- Tested up to 5.6.1
- Helpful tip on static cache
- Screenshot of console
- Update of Quickstart for reCAPTCHA v3
- Possibility to hide unused sections in Settings. Example: If you don't have any domains specified for Marketing, that setting won't show for the visitor. Found under Settings > Basic settings
- Patch bug found by @stafca in possibility to disable X-Content-Security-Policy. Thanks!
- Capitalise company names correctly
- Possibility to disable X-Content-Security-Policy. Found under Settings > Advanced settings
- New optional button for refusing all cookies. Found under Settings > Basic settings
- Minor translation fixes
- Update of Quickstart for reCAPTCHA v3
- Individual height of warning messages for blocked iframes and objects improved
- Button width not based on flex basis on small screens
- New Quickstart: Twitter
- Updated Quickstart for Google Maps
- Custom color for Save button border was used for background too.
- Translations and spelling
- We have Finnish translation!
- Minor typos
- Added to Quickstart: Google Translate
- Hubspot in Quickstart is out of beta
- Better string translation in WPML
- Support for multiple cookie policy pages, one for each language, on multi language sites
- Bypass querystring added to make testing easier, when testing speed in Gmetrix for instance, you don't want anything blocked. Just add ?cacsp_bypass=true to your url when testing.
- Grandma mode
- Tested for CCPA compliance
- Changed the expiry of consent to 1 year, so this can be stated in the cookie policy page for CCPA compliance, the default "Settings text" has been updated to show this
- New icon and banner, cookie and grandma drawn by Hedda Fager
- New screenshots
- Fixed typo in WPML FAQ
- Disable scroll on page when settings modal is shown, gave double scrolbars when unsing "Allow user to access site without saving settings"
- Added to Quickstart: SoundCloud
- No outline on clicked setting in modal
- Better support for WPML thanks to mediopirzel
- Quickstart, out of beta
- Quickstart, more resources added: Google Optimize, Google Ads conversions, Google Ads remarketing, Hubspot and reCAPTCHA v3
- Bugfix for iframes and objects without src attribute
- Translations
- Translations
- Adding refactored files
- Refactoring of settings
- Quickstart, choose common resources from a list that are automatically added to your Domains list
- Make site clickable when using "Allow user to access site without saving settings"
- googleoff: index added for modal and banner to be absolutely sure that the content of these doen't get indexed by google
- Fix for Safari on iOS 13 and the setting "Allow user to access site without saving settings"
- Disable UI warning messages for hidden iframes, like Hotjar and so on
- Rogue c
- Spelling Marketing can be tricky ;)
- Version number for automatic updating
- Blocking object with the same rules as for iframe, to secure old style flash embeds, like for example old YouTube embeds
- Support tab
- Better support for // urls
- Tested up to WordPress 5.5
- Fix for "Only use CSP" option. Don't try to show UI error message.
- WordPress 5.5 ready
- Translations and spelling
- By popular demand: Plugin is now deactivated on install. You can also activate the plugin only for administrators to test your settings without disturbing your visitors.
- Since translations is only available in API through Polylang Pro, I rewrote the error messages for blocked iframes in oldschool js to make error messages appear translated in the free version of Polylang.
- Admin css
- Translations
- Tested up to 5.4.1
- Translations
- Bug fix, allow scroll on html element when option "Allow user to access site without saving settings. Only works with banner." is checked.
- IE11 support
- Css for accepted type
- Check for blank iframes
- Uninstall for new values
- Encode js mail link subject
- Support for X-Content-Security-Policy
- Better debug placement
- Advanced settings
- Visible warning for blocked iframes
- Saving bug in mobile Safari fixed
- More help texts
- No texts must be edited, everything has default values
- Versioning, SVN is not my friend
- Added possibility to use the settings as a meta tag instead, if the host does not accept setting php header()
- Translations
- Coding standards
- WP_DEBUG, clean
- Added support for forms
- Screenshot text, and active settings value
- Assets
- Assets and Contributors
- Ready for the world!
- List width
- Minor fixes
- Securing
- Sanitize
- Nonce
- Uninstall
- WPML config for Cookie policy page id
- Admin referrer
- Initial release