Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Change the way scripts are set up #104

Open
felixgirault opened this issue Aug 1, 2024 · 0 comments
Open

Change the way scripts are set up #104

felixgirault opened this issue Aug 1, 2024 · 0 comments
Assignees
@felixgirault
Labels
enhancement New feature or request

Comments

@felixgirault
Copy link
Contributor

Context

Up until now, third party scripts need to be modified to allow Orejime to handle them correctly.
This implies namespacing regular attributes, labeling them, and ensuring the label matches with the config.
This latter part is often causing problems, as the labels must match but there is no way to enforce this over time.
This leads to desynchronizations when the code changes, and Orejime still working without errors but not actually acting on the scripts.
This is unavoidable with the current architecture but could be mitigated by changing the way scripts are loaded.

Options

Other CMP tend to provide an extensive list of predefined third-party services (think Google Analytics, Matomo, ...) that can inject scripts with little configuration (i.e. a site id).
This avoids any desynchronizations, as the CMP is entirely responsible of injecting the scripts.
However, it is on the CMP to provide scripts for just about any service, in any given version, which is almost impossible.

A middle ground could consist in moving scripts to the Orejime config, but in the user-land.
Instead of setting up regular script tags in the HTML, the user would put their content in the config, in each app declaration.
This would let Orejime own their lifecycle without actually providing a predefined list of services.

Example

Before

<script type="opt-in" data-type="application/javascript" data-name="gtm">
  (function(w, d, s, l, i) { /* GTM code */ })(window,document, 'script', 'dataLayer', 'GTM-YOLO');
</script>
const config = {
  apps: [
    {
      name: 'gtm',
      title: 'Google Tag Manager',
      cookies: []
    }
  ]
};

After

const config = {
  apps: [
    {
      name: 'gtm',
      title: 'Google Tag Manager',
      cookies: [],
      // the exact code that we would find in the original script tag
      script: () => {
        (function(w, d, s, l, i) { /* GTM code */ })(window,document, 'script', 'dataLayer', 'GTM-YOLO');
      },
      // an optional list of HTML attributes for the injected script tag
      scriptAttributes: {
        crossorigin: true
      }
    }
  ]
};

Potential issues

  • Orejime can currently handle any HTML element (see https://github.com/empreinte-digitale/orejime/blob/master/src/consent-manager.js#L213). We'd have to either get rid of this behavior, or provide an alternative.
  • This would be a breaking change, requiring a rewrite of any user config. Maybe this could be an alternative mode that could coexist with the current one, making it easier to switch. The current one could then be deprecated and removed in the future.
@felixgirault felixgirault added the enhancement New feature or request label Aug 1, 2024
@felixgirault felixgirault self-assigned this Aug 1, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@felixgirault felixgirault

Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@felixgirault