Handling cookie consent¶
pretix includes an optional feature to handle cookie consent explicitly to comply with EU regulations. If your plugin sets non-essential cookies or includes a third-party service that does so, you should integrate with this feature.
Server-side integration¶
First, you need to declare that you are using non-essential cookies by responding to the following signal:
- pretix.presale.signals.register_cookie_providers = <pretix.base.signals.EventPluginSignal object>
Arguments:
requestThis signal is sent out to get all cookie providers that could set a cookie on this page, regardless of consent state. Receivers should return a list of
pretix.presale.cookies.CookieProviderobjects.As with all event-plugin signals, the
senderkeyword argument will contain the event.
You are expected to return a list of CookieProvider objects instantiated from the following class:
- class pretix.presale.cookies.CookieProvider¶
- CookieProvider.identifier¶
A short and unique identifier used to distinguish this cookie provider form others (required).
- CookieProvider.provider_name¶
A human-readable name of the entity of feature responsible for setting the cookie (required).
- CookieProvider.usage_classes¶
A list of enum values from the
pretix.presale.cookies.UsageClassenumeration class, such asUsageClass.ANALYTICS,UsageClass.MARKETING, orUsageClass.SOCIAL(required).
- CookieProvider.privacy_url¶
A link to a privacy policy (optional).
Here is an example of such a receiver:
1@receiver(register_cookie_providers)
2def recv_cookie_providers(sender, request, **kwargs):
3 return [
4 CookieProvider(
5 identifier='google_analytics',
6 provider_name='Google Analytics',
7 usage_classes=[UsageClass.ANALYTICS],
8 )
9 ]
JavaScript-side integration¶
The server-side integration only causes the cookie provider to show up in the cookie dialog. You still need to care about actually enforcing the consent state.
You can access the consent state through the window.pretix.cookie_consent variable. Whenever the
value changes, a pretix:cookie-consent:change event is fired on the document object.
The variable will generally have one of the following states:
State |
Interpretation |
|---|---|
|
Your JavaScript has loaded before the cookie consent script. Wait for the event to be fired, then try again, do not yet set a cookie. |
|
The cookie consent mechanism has not been enabled. This usually means that you can set cookies however you like. |
|
The cookie consent mechanism is loaded, but has no data on your cookie yet, wait for the event to be fired, do not yet set a cookie. |
|
The user has consented to your cookie. |
|
The user has actively rejected your cookie. |
If you are integrating e.g. a tracking provider with native cookie consent support such as Facebook’s Pixel, you can integrate it like this:
1var consent = (window.pretix || {}).cookie_consent;
2if (consent !== null && !(consent || {}).facebook) {
3 fbq('consent', 'revoke');
4}
5fbq('init', ...);
6document.addEventListener('pretix:cookie-consent:change', function (e) {
7 fbq('consent', (e.detail || {}).facebook ? 'grant' : 'revoke');
8})
If you have a JavaScript function that you only want to load if consent for a specific identifier
is given, you can wrap it like this:
1var consent_identifier = "youridentifier";
2var consent = (window.pretix || {}).cookie_consent;
3if (consent === null || (consent || {})[consent_identifier] === true) {
4 // Cookie consent tool is either disabled or consent is given
5 addScriptElement(src);
6 return;
7}
8
9// Either cookie consent tool has not loaded yet or consent is not given
10document.addEventListener('pretix:cookie-consent:change', function onChange(e) {
11 var consent = e.detail || {};
12 if (consent === null || consent[consent_identifier] === true) {
13 addScriptElement(src);
14 document.removeEventListener('pretix:cookie-consent:change', onChange);
15 }
16})