In the new version of the GDPR cookie consent plugin, the script blocking has been made simpler. The cookies are now automatically blocked until the user gives his/her consent. This article explains the processing logic behind the automated process. This article will also help site admins better understand how scripts are blocked and under which cookie category they are placed by default. The article also explains how site administrators can manually block cookies that are skipped during the automated scanning process.
Major Script Blocking – 3 Key Steps:
- Automatic Scanning & Categorization
The plugin scans the website, matches detected cookies with its built-in cookie dictionary, and assigns them to the appropriate categories. - Default Blocking Until Consent
Identified cookies are automatically blocked and only activated after the user provides consent. - Manual Handling of Unmapped Cookies
Cookies placed in the “Other” category must be manually categorized and assigned a script URL pattern to ensure proper blocking.
Internal working of automatic cookie blocking
The GDPR cookie consent plugin, by default, scans all the pages of the website and captures all the cookies that are loaded. The cookies are then matched with our built-in cookie dictionary using the script URL pattern. The known cookies that are found in the dictionary are auto-mapped to the corresponding cookie category. They are blocked until the user gives consent.
Handling cookies that are not auto-blocked
At times, after the website is scanned, a few cookies may not be mapped to the corresponding cookie category. This is because the scanned cookies don’t exist in our cookie dictionary( The cookie dictionary is updated regularly to avoid such circumstances). These unmapped cookies are placed under the Other category, and they are not blocked by default.
The cookies listed in the other category need to be manually categorized. After manual categorization, add the script URL pattern of the cookie to the cookie list. After adding the Script URL pattern Follow the steps mentioned in the article : Manually adding a cookie to the cookie list, to block cookies that are placed in Other category.
Script URL pattern
To identify the script URL pattern of a cookie, users can inspect the website’s source code using browser developer tools. If the source of a cookie is known, it can be searched directly within the Elements tab of the browser’s developer console. For example, to find the script URL pattern for _ga cookies (Google Analytics), search for “Google” in the Elements tab and look for the associated script tag. Suppose the script appears as:
src="https://www.googletagmanager.com/gtag/js?id=G45CEJFBCC9&cx=c>m=4e5981"In this case, the script URL pattern would be:
googletagmanager.com/gtag/jsIf Google Analytics is implemented directly rather than through Google Tag Manager, the pattern will typically be:
http://google-analytics.com/To ensure proper blocking of GA-related cookies, users can add multiple script URL patterns separated by a pipe symbol (|).
For example:
google-analytics.com|googletagmanager.com/gtag/jsIncluding multiple patterns helps ensure that all variations of the script source are correctly identified and blocked.
The enhanced automatic script blocking system simplifies compliance by ensuring cookies are restricted until user consent is obtained. With built-in scanning and categorization supported by manual controls for unmapped cookies, site administrators can maintain both regulatory compliance and full control over website tracking behavior.
