Complianz Privacy Suite

Whitelisting inline script

Aert Hulsebos

Upgrade to Google Analytics 4

Update: you can now add your G-*** tracking code in Complianz and it will be handled for you. If you want to upgrade to Google

Aert Hulsebos October 26, 2020

TCF for WordPress

The Transparency Consent Framework () is an initiative by IAB Europe and IAB Tech Lab to provide a platform for vendors, publishers, and consent management

Aert Hulsebos September 14, 2020

TCF V2.0 release (Update)

Update: Released on October 5th 2020 Since August 15th the Transparency and Consent Framework V2.0 from IAB Europe or V2 has been adapted by Google

Aert Hulsebos August 27, 2020

Complianz uses a regular expression to find 3rd party services in inline scripts. Below we will take an example of a Podcast Player that creates an inline script. The output also contains data related to social media hyperlinks or instagram.com in this specific case. In most use cases we will find instagram.com as a link, directly related to the service which is Instagram itself, or a plugin that provides a service like embedding Instagram posts.

But not in this case. Podcast outputs data collections but does not invoke any Instagram related services. And it does not set any other cookies related to 3rd parties, meaning it can be set before consent. But Complianz blocked the script before consent, even if it didn’t have to.

The reason why Complianz blocked the script is because the user had Instagram embedded and enabled in Complianz, but gave a false positive on the Podcast player. These cases are rare, but might happen. To overcome this you can add a filter to tell Complianz to skip an inline script. All you need is the ID of the inline script. In the case of the blocked Podcast Player script it looked like this:

What you will need:

<script class="cmplz-script" type="text/plain" id='pppublic-js-extra'>

class=”cmplz-script” type=”text/plain” = Blocked prior to consent

id=’pppublic-js-extra’ = Script ID of Podcast player

What you will need to achieve is:

<script class="cmplz-native" type="text/javascript" id='pppublic-js-extra'>

class=”cmplz-native” = Whitelisted
id=’pppublic-js-extra’ = Script ID of Podcast player

How to whitelist inline script

You can add a filter as an MU-Plugin, or add it to your functions.php. You can use the below filter, but need to add the script ID of the service inline script that needs to be whitelisted yourself. You can find the script ID (if available) in the page source of your website. If you need help, please ask.

<?php
// Whitelisting podcast player inline script
add_filter ( 'cmplz_script_class',
function( $class, $total_match, $found ) {
if ( $found && false !== strpos( $total_match, 'YOUR-SCRIPT-ID' ) ) {
$class = 'cmplz-native'; // add cmplz-script for Marketing and cmplz-stats for Statistics
}
return $class;
}, 10 , 3
);