The Signatu Wordpress plugin allows you to integrate the Cookie Banner in Wordpress.
Download the plugin from:
https://cdn.signatu.com/plugin-wordpress/0.213.0/signatu.zipThe plugin is self contained. Install the plugin like this:
Plugins->Add New->Upload Plugin
.Settings->Signatu
.Access Token
- a valid Signatu API access token. The token must have consent
and dataprocessing:read
permissions (this is default when creating the Cookie Banner). You can find the API Access Token at Access Tokens.Banner Type
- choose the banner type. The Cookie Button will show an action icon on every page, while the Cookie Banner will show default when the user has not taken any action.Language
- the language to display in the banner. Note that if you’re using custom texts, you need to ensure that your banner Data Processing Group has texts in the chosen language.Data Processing Group ID
- the ID of the Data Processing Group. You can copy it in your account at Account.Privacy Policy URL
- the URL of your Privacy Policy.Banner Variant
- the design and layout variant of the banner.Banner Position
- the position of the banner dialog.Block By Default
- block 3rd parties server side by default. The scripts can be re-enabled client side.If you’re using the Cookie Button, the user can open the banner by clicking the button. In most cases no additional integration is needed.
Should you need more fine grained control of the banner, you can send messages to the DOM window. Refer to Signatu documentation for controlling the banner state.
If you want to respond to events from the Cookie Banner, review the SDK documentation.
The Wordpress plugin deploys both server-side and client side strategies to block scripts.
Signatu adds a filter (using add_filter
) to the script_loader_tag
action. If a script is external to the Wordpress site domain,
and Block By Default
is enabled, the script src
tag is removed and replaced by a data-src
tag. The script will be re-enabled client
side if Signatu determines the script is allowed to run.
The Wordpress plugin automatically deploys the Script Blocker for client side blocking. The Blocker will also unblock scripts that have been blocked server side when the user’s consent setting allows the 3rd party to run.
The Wordpress plugin will embed an IFrame running the Signatu Cookie Banner. The banner will make calls to api.signatu.com
. If you
are using a Content Security Policy (CSP) on your site you need to ensure that connect-src
allows
the plugin to make calls to api.signatu.com
, e.g.,:
Content-Security-Policy: connect-src 'self' api.signatu.com;
More information about CSP is available at MDN.