EVOcookie and EU Privacy again #2003
Comments
|
As far as I know you can make use of session cookies also in EU. The only thing is you have to tell your visitors immediately, i.e. a warning popup appears in which "all" cookie functions are explicitly pointed out. Then before a user may want to register with you (depending on the website structure), you also need this cookie warning and the new user must first give their consent that they agree to cookies. It is therefore not urgently necessary to manipulate the session cookies. Kind regards, Andreas ;) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I think this is not only a problem in the EU, because other countries are also dealing with more data protection. The experience in the EU could be a pattern there.
I still have the problem that I can not turn off the evocookie for the normal site visitor, although it is not technically mandatory. In some EU countries this is a legal violation and has also been punished.
Sirfranz had suggested in another thread as a radical solution to generally disable the session start in core\bootstrap.php. Problem: You can't log in anymore.
I additionally bound the setting of the cookie to the manager like this:
old:
new:
In the first tests it worked quite ok. But I don't know if it is problematic to bind the evocookie to the presence of "manager" in the $_SERVER["REQUEST_URI"].
I also hope it's not a problem safety-wise.
My questions:
Can this work in general? Where can this lead to conflicts? Is it safe?
Can this or a similar solution be implemented in general and linked to the configuration (Fronent Session: on/off)?
Or if it is better to use the evocookie in general, then I ask for one or two sentences of justification that also satisfies the data protectionists.
Translated with www.DeepL.com/Translator (free version)
The text was updated successfully, but these errors were encountered: