From 3c9bc2a16f28ed674f4587b37186560e7bc8eb99 Mon Sep 17 00:00:00 2001 From: Vanita Barrett Date: Thu, 13 Jun 2019 12:37:15 +0000 Subject: [PATCH 1/2] Set the TLS cookie rather than stubbing getCookie --- spec/javascripts/surveys-spec.js | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/spec/javascripts/surveys-spec.js b/spec/javascripts/surveys-spec.js index 2227768f9..9c4714bf5 100644 --- a/spec/javascripts/surveys-spec.js +++ b/spec/javascripts/surveys-spec.js @@ -573,23 +573,27 @@ describe('Surveys', function () { }) describe('currentTlsVersion', function() { + afterEach(function() { + window.GOVUK.setCookie('TLSversion', null) + }) + it('returns an empty string when the cookie returns null', function () { - spyOn(GOVUK, 'getCookie').and.returnValue(null) + window.GOVUK.setCookie('TLSversion', null) expect(surveys.currentTlsVersion()).toBe('') }) it('returns an empty string when the cookie returns "unknown"', function () { - spyOn(GOVUK, 'getCookie').and.returnValue("unknown") + window.GOVUK.setCookie('TLSversion', "unknown") expect(surveys.currentTlsVersion()).toBe('') }) it('returns the correct version when the cookie returns a valid value"', function () { - spyOn(GOVUK, 'getCookie').and.returnValue("TLSv1.1") + window.GOVUK.setCookie('TLSversion', "TLSv1.1") expect(surveys.currentTlsVersion()).toBe(1.1) }) it('returns an empty string when the TLS version is malformed"', function () { - spyOn(GOVUK, 'getCookie').and.returnValue("TLSvabcd11123") + window.GOVUK.setCookie('TLSversion', "TLSvabcd11123") expect(surveys.currentTlsVersion()).toBe('') }) }) From ae13166eade74d498a7ad80962e7d67cd32b465b Mon Sep 17 00:00:00 2001 From: Vanita Barrett Date: Thu, 13 Jun 2019 14:45:04 +0000 Subject: [PATCH 2/2] Disable GA cookies when usage cookies denied --- app/assets/javascripts/analytics/init.js.erb | 50 +++++++++++-------- .../javascripts/analytics/static-analytics.js | 6 ++- .../analytics/static-analytics-spec.js | 23 +++++++++ 3 files changed, 58 insertions(+), 21 deletions(-) diff --git a/app/assets/javascripts/analytics/init.js.erb b/app/assets/javascripts/analytics/init.js.erb index 070209827..871c53db9 100644 --- a/app/assets/javascripts/analytics/init.js.erb +++ b/app/assets/javascripts/analytics/init.js.erb @@ -1,24 +1,34 @@ (function() { "use strict"; - // Load Google Analytics libraries - GOVUK.StaticAnalytics.load(); - - // Use document.domain in dev, preview and staging so that tracking works - // Otherwise explicitly set the domain as www.gov.uk (and not gov.uk). - var cookieDomain = (document.domain == 'www.gov.uk') ? '.www.gov.uk' : document.domain; - - var universalId = '<%= Rails.application.config.ga_universal_id %>'; - - // Configure profiles, setup custom vars, track initial pageview - var analytics = new GOVUK.StaticAnalytics({ - universalId: universalId, - cookieDomain: cookieDomain, - allowLinker: true, - // This is served by Fastly in production, and returns an empty 200 response - govukTrackerUrl: '<%= asset_path "/static/a" %>' - }); - - // Make interface public for virtual pageviews and events - GOVUK.analytics = analytics; + var consentCookie = window.GOVUK.getConsentCookie(); + + // Disable analytics by default + // This will be reversed below, if the consent cookie says usage cookies are allowed + window['ga-disable-UA-26179049-1'] = true; + + if (!consentCookie || consentCookie["usage"]) { + window['ga-disable-UA-26179049-1'] = false; + + // Load Google Analytics libraries + GOVUK.StaticAnalytics.load(); + + // Use document.domain in dev, preview and staging so that tracking works + // Otherwise explicitly set the domain as www.gov.uk (and not gov.uk). + var cookieDomain = (document.domain == 'www.gov.uk') ? '.www.gov.uk' : document.domain; + + var universalId = '<%= Rails.application.config.ga_universal_id %>'; + + // Configure profiles, setup custom vars, track initial pageview + var analytics = new GOVUK.StaticAnalytics({ + universalId: universalId, + cookieDomain: cookieDomain, + allowLinker: true, + // This is served by Fastly in production, and returns an empty 200 response + govukTrackerUrl: '<%= asset_path "/static/a" %>' + }); + + // Make interface public for virtual pageviews and events + GOVUK.analytics = analytics; + } })(); diff --git a/app/assets/javascripts/analytics/static-analytics.js b/app/assets/javascripts/analytics/static-analytics.js index 05aabef53..93b42b43a 100644 --- a/app/assets/javascripts/analytics/static-analytics.js +++ b/app/assets/javascripts/analytics/static-analytics.js @@ -16,7 +16,11 @@ // Create universal tracker // https://github.com/alphagov/govuk_frontend_toolkit/blob/master/docs/analytics.md // https://github.com/alphagov/govuk_frontend_toolkit/blob/master/javascripts/govuk/analytics/analytics.js - this.analytics = new GOVUK.Analytics(config); + var consentCookie = window.GOVUK.getConsentCookie(); + + if (!consentCookie || consentCookie['usage']) { + this.analytics = new GOVUK.Analytics(config); + } var trackingOptions = getOptionsFromCookie(); diff --git a/spec/javascripts/analytics/static-analytics-spec.js b/spec/javascripts/analytics/static-analytics-spec.js index 83c32e71e..cebfce4ab 100644 --- a/spec/javascripts/analytics/static-analytics-spec.js +++ b/spec/javascripts/analytics/static-analytics-spec.js @@ -2,6 +2,7 @@ describe("GOVUK.StaticAnalytics", function() { var analytics; beforeEach(function() { + window.GOVUK.setConsentCookie({'usage': true}); window.ga = function() {}; spyOn(window, 'ga'); spyOn(GOVUK.analyticsPlugins, 'printIntent'); @@ -1058,6 +1059,28 @@ describe("GOVUK.StaticAnalytics", function() { }); }); + describe("when the consent cookie has been set", function() { + beforeEach(function() { + window.ga.calls.reset(); + }); + + it('does not set analytics cookies as normal when usage cookies are allowed', function() { + window.GOVUK.setConsentCookie({'usage': false}); + analytics = new GOVUK.StaticAnalytics({universalId: 'universal-id'}); + + expect(Object.keys(analytics).length).toBe(0) + }); + + it('does set analytics cookies as normal when usage cookies are allowed', function() { + window.GOVUK.setConsentCookie({'usage': true}); + analytics = new GOVUK.StaticAnalytics({universalId: 'universal-id'}); + + expect(Object.keys(analytics).length).toBe(1) + expect(analytics.analytics.stripDatePII).toBe(false) + expect(analytics.analytics.stripPostcodePII).toBe(false) + }); + }); + describe('when the seen_cookie_message cookie does not exist', function() { var pageViewObject;