To block third-party cookies, find your JavaScript code that is setting third-party cookies and:
- Change the type attribute from text/javascript to text/plain (if the type attribute is missing, add it)
- Add a data-categories attribute and set it to a corresponding category from the list of cookie categories (essential, performance, analytics, advertising, social_networking, unclassified).
You can find a cookie’s category from your Termly cookie scan report, which you can find on your dashboard.
Once this is done, any Javascript code that follows the attribute convention described above will now respond to visitor consents in real-time, without needing to refresh your page.
An example with a Google Analytics script
Original script:
<script type="text/javascript"> (function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){ (i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o), m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m) })(window,document,'script','//www.google-analytics.com/analytics.js','ga'); ga('create', 'UA-XXXXXXXX-X', 'auto'); ga('send', 'pageview'); </script>
Changes to this:
<script type="text/plain" data-categories="analytics">
(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
})(window,document,'script','//www.google-analytics.com/analytics.js','ga');
ga('create', 'UA-XXXXXXXX-X', 'auto');
ga('send', 'pageview');
</script>
An example with JavaScript includes
Original script:
<script src="/js/sample.js"></script>
Changes to this:
<script type="text/plain" data-categories="social_networking" src="/js/sample.js"></script>
Manually block third-party cookies with iframe / embed / object / link
To block third-party cookies set with iframe / embed / object / link (like YouTube videos):
Find any iframe / embed / object / link code that is setting third-party cookies and change
attribute name tosrc / href
data-src / data-href.
Add data-categories attribute.
Set it to a corresponding category from the list of cookie categories (Essential, performance, analytics, advertising, social_networking, unclassified)
An example with embedded YouTube videos
Original code:
<iframe width="560" height="315" src="https://www.youtube.com/embed/xxxxxxxxx" frameborder="0" allowfullscreen></iframe>
Changes to this:
<iframe width="560" height="315" data-src="https://www.youtube.com/embed/xxxxxxxxx" data-categories="advertising" frameborder="0" allowfullscreen></iframe>
An example with an embed element
<embed src="sample.swf">
<embed data-src="sample.swf" data-categories="advertising" >
An example of object element
Original code:
<object src="sample.swf"></object>
Changes to this:
<object data-src="sample.swf" data-categories="advertising" ></object>
An example of link element
Original code:
<link href="https://fonts.googleapis.com/css?family=Open+Sans" rel="stylesheet" type="text/css">
Changes to this:
<link data-href="https://fonts.googleapis.com/css?family=Open+Sans" data-categories="performance" rel="stylesheet" type="text/css">
An example of image element
Original code:
<img src="http://sample.com/sample.jpg" />
Changes to this:
<img data-src="http://sample.com/sample.jpg" data-categories="analytics" />
How to categorize third-party cookies
You might have to determine which cookie categories your third-party services fall under. You can categorize them by referring to each service’s website or terms of use.
Alternatively, you can refer to Termly’s cookie scan report after you have installed the third-party service. In the report, you can search for the name of the service to find how we have classified the third-party service’s cookies. If the third-party service uses more than one cookie, there might be more than one category applied to this service.