To block third-party cookies, find your JavaScript code that is setting third-party cookies and:

  • Change the type attribute from text/javascript to text/plain (if the type attribute is missing, add it)
  • Add a data-categories attribute and set it to a corresponding category from the list of cookie categories (essential, performance, analytics, advertising, social_networking, unclassified).

You can find a cookie’s category from your Termly cookie scan report, which you can find on your dashboard.


Once this is done, any Javascript code that follows the attribute convention described above will now respond to visitor consents in real-time, without needing to refresh your page.


An example with a Google Analytics script


Original script:

<script type="text/javascript">
 (function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
 (i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
 m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
 })(window,document,'script','//www.google-analytics.com/analytics.js','ga');
 ga('create', 'UA-XXXXXXXX-X', 'auto');
 ga('send', 'pageview');
</script>

Changes to this:

<script type="text/plain" data-categories="analytics">
 (function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
 (i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
 m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
 })(window,document,'script','//www.google-analytics.com/analytics.js','ga');
 ga('create', 'UA-XXXXXXXX-X', 'auto');
 ga('send', 'pageview');
</script>

 

An example with JavaScript includes

Original script:

<script src="/js/sample.js"></script>

Changes to this:

<script type="text/plain" data-categories="social_networking" src="/js/sample.js"></script>


Manually block third-party cookies with iframe / embed / object / link

To block third-party cookies set with iframe / embed / object / link (like YouTube videos):

  • Find any iframe / embed / object / link code that is setting third-party cookies and change 
    src / href attribute name to data-src / data-href.

  • Add data-categories attribute.

  • Set it to a corresponding category from the list of cookie categories (Essential, performance, analytics, advertising, social_networking, unclassified


An example with embedded YouTube videos

Original code:

<iframe width="560" height="315" src="https://www.youtube.com/embed/xxxxxxxxx" frameborder="0" allowfullscreen></iframe>

Changes to this:

<iframe width="560" height="315" data-src="https://www.youtube.com/embed/xxxxxxxxx" data-categories="advertising" frameborder="0" allowfullscreen></iframe>

An example with an embed element

Original code:
<embed src="sample.swf">
Changes to this:
<embed data-src="sample.swf" data-categories="advertising" >

An example of object element

Original code:

<object src="sample.swf"></object>

Changes to this:

<object data-src="sample.swf" data-categories="advertising" ></object>

An example of link element

Original code:

<link href="https://fonts.googleapis.com/css?family=Open+Sans" rel="stylesheet" type="text/css">

Changes to this:

<link data-href="https://fonts.googleapis.com/css?family=Open+Sans" data-categories="performance" rel="stylesheet" type="text/css">

An example of image element

Original code:

<img src="http://sample.com/sample.jpg" />

Changes to this:

<img data-src="http://sample.com/sample.jpg" data-categories="analytics" />

How to categorize third-party cookies

You might have to determine which cookie categories your third-party services fall under. You can categorize them by referring to each service’s website or terms of use.


Alternatively, you can refer to Termly’s cookie scan report after you have installed the third-party service. In the report, you can search for the name of the service to find how we have classified the third-party service’s cookies. If the third-party service uses more than one cookie, there might be more than one category applied to this service.