Cookie cookie cookie COOOKIE

I enjoy a good cookie, particularly the slightly squidgy ones with huge chunks of chocolate in.  Sadly, this isn’t about highly-calorific comestibles, but about information this site will store in your browser.

The Register published a rather helpful article on the impending deadline for UK sites to conform to the new EU ePrivacy Directive (a thoroughly riveting read), which prompted me to get with the programme.  You probably saw the notice pop up when you first visited the site.

This is what The Register has to say:

The ePrivacy Directive makes it clear that the storing and slurping of data on an individual web surfer’s computer is only lawful “on condition that the subscriber or user concerned has given his or her consent, having been provided with clear and comprehensive information … about the purposes of the processing”.

Furthermore, that consent needs to be granted explicitly and must be unambiguous.

So I’m now using the WordPress plugin EU Cookie Directive to pop up a message requesting your consent to use cookies and I’ve prepared a little page to help you find out more about how this site uses cookies.

It is rather ironic that this opt-in preference is then itself stored in a cookie, but there you go.

Also, if you’re like me and clear your browser cookies automatically on browser shutdown, then that pop-up message may get annoying.  Sorry about that, feel free to vent your anger in the comments.


Read more from Jock

The Practitioner's Guide to Product Management by Jock Busuttil

“This book has been a genuine game changer for me”
– pb (Amazon)

“I wish this book was published when I started out in product management”
– KejiA (Amazon)

6 thoughts on “Cookie cookie cookie COOOKIE

    • Thanks for the feedback Johan. Just out of interest, when you look in your browser cookies, do you see ‘ecd_opt_in’? Also be useful to know what browser and version you’re using.

        • Thanks for checking – I think I may have fixed the problem now, at least I’m seeing the pop-up on Chrome, IE9 and Firefox. Hope that helps, and thank you for your help testing!

  1. Now I get the pop-up – looks good.

    So, did you change the configuration in a specific manner? Would be nice to get some tips on how you did before I go ahead and try this on my site.

    • For you, it will probably just work out of the box. My situation was caused by the slightly complicated way I’ve set up WordPress.

      Very briefly, I have two copies of the site running, one under HTTP, the other under HTTPS. I use rewrite scripts to transparently bounce people on the site between them depending on whether the pages need secure login. In essence, I didn’t want people submitting passwords unencrypted.

      Until recently I’ve managing fine with a self-signed SSL certificate; this encrypts the traffic perfectly well, but browsers complained because it’s not signed by a recognised authority such as Verisign or Comodo. As browsers are now a bit more security conscious, they were refusing to load some elements of the page that were coming from the HTTPS site.

      Replacing the self-signed certificate with a properly signed one appears to have appeased the various browsers that were having problems.

      So I don’t think you’ll see the same problems as me unless you’re also using a dual HTTP/HTTPS setup with a self-signed certificate.

      And yes, there is probably a simpler way for me to do this, but I like the challenge!

Agree? Disagree? Join the conversation: