Conversation
maureenlholland
force-pushed
the
wt-602--consent-management
branch
from
b333a17 to
31fb40b
Compare
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## main #955 +/- ##
==========================================
+ Coverage 76.47% 77.27% +0.80%
==========================================
Files 124 124
Lines 7599 7627 +28
==========================================
+ Hits 5811 5894 +83
+ Misses 1788 1733 -55 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
maureenlholland
force-pushed
the
wt-602--consent-management
branch
4 times, most recently
from
6e88cec to
4bb0767
Compare
|
Needs automated tests once behaviour is confirmed (edit: this can be a follow-up task as long as demo behaviour is approved) |
maureenlholland
force-pushed
the
wt-602--consent-management
branch
2 times, most recently
from
19070e8 to
2661092
Compare
stevejalim
force-pushed
the
wt-602--consent-management
branch
from
2661092 to
d86eac6
Compare
media/js/base/gtm/gtm-snippet.es6.js
Outdated
|
|
||
| if (hasPref) { | ||
| setGtagAdsConsentMode(cookie.analytics, 'default'); | ||
| setGtagAnalyticsConsentMode(cookie.analytics); |
There was a problem hiding this comment.
QA Bug: During testing, analytics_storage was observed firing as "update" instead of "default" when a moz-consent-pref cookie exists. This means analytics has no declared default state before GTM loads. Google falls back to its own implicit default until the update arrives.
The type argument is missing here, so it defaults to 'update'. It should be 'default' to match the ads consent call on the line above:
setGtagAnalyticsConsentMode(cookie.analytics, 'default');Google's consent mode requires default to be set before GTM loads. Confirmed inspection on demo3 shows "1": "update" instead of "1": "default" on page load when a cookie is present (tested on /firefox/new/ and /landing/get?geo=FR).
|
@maureenlholland Overall, 99% there, one itemg observed, left an inline comment. Tested on demo3. All GTM loading gates pass (DNT, GPC, consent-required geo). The /landing/get special rule works correctly, analytics granted, ads denied with no cookie. GTM Loading Gates
Consent Defaults
Consent Defaults (/landing/get)
Update Events
|
| GTMSnippet.handleConsent = (e) => { | ||
| const hasConsent = e.detail.analytics; | ||
|
|
||
| // update gtag consent according to pref |
There was a problem hiding this comment.
this is probably a bit redundant given the consent rules under which we display the consent banner (denial default is likely in place & we may be updating for denial too), but it feels more future-proof in case the consent banner logic changes
stephendherrera
left a comment
stephendherrera
left a comment
There was a problem hiding this comment.
QA verified on demo3. Missing default type on setGtagAnalyticsConsentMode is confirmed working. analytics_storage correctly fires as default instead of update when a consent cookie is present on page load.
My tests below:
No cookie==all denied defaults
Cookie analytics:true==all granted as default
/landing/get no cookie, no consent required==analytics granted, ads denied
Consent banner accept on ?geo=FR ==GTM loads with correct grants
DNT/GPC gates and cookie settings paths were not re-tested as recent changes don't affect those paths.
PR #955 introduced Google Consent Mode defaults that inadvertently set analytics_storage to 'denied' for all pages except /landing/get. This silently blocked GA4 from recording events for the majority of site traffic — visitors outside EU/EAA without a consent cookie. The fix replaces the /landing/get-specific check with a region-based check, so analytics_storage defaults to 'granted' whenever explicit consent is not required, matching the existing GTM loading behavior in init().
* fix: fix: default analytics_storage PR #955 introduced Google Consent Mode defaults that inadvertently set analytics_storage to 'denied' for all pages except /landing/get. This silently blocked GA4 from recording events for the majority of site traffic — visitors outside EU/EAA without a consent cookie. The fix replaces the /landing/get-specific check with a region-based check, so analytics_storage defaults to 'granted' whenever explicit consent is not required, matching the existing GTM loading behavior in init(). * grant ad_storage default on /landing/get for non-EU visitors Matches the marketing opt-out checkbox state upfront so there is no gap between GTM loading with ads denied and a later update. * Update tests/unit/spec/base/gtm/gtm-snippet.js Co-authored-by: maureenlholland <[email protected]> * Update tests/unit/spec/base/gtm/gtm-snippet.js Co-authored-by: maureenlholland <[email protected]> --------- Co-authored-by: Steve Jalim <[email protected]> Co-authored-by: maureenlholland <[email protected]>
2 participants
One-line summary
GTM implementation of Google consent mode: https://developers.google.com/tag-platform/security/guides/consent?consentmode=advanced#tag-manager_2
Default
/landing/getwith no user pref and no consent required, allow analyticsUpdate
Significant changes and points to review
Issue / Bugzilla link
https://mozilla-hub.atlassian.net/browse/WT-602
Testing
Available on Demo 3:
https://www-demo3.springfield.moz.works/en-US/
https://www-demo3.springfield.moz.works/en-US/landing/get
GTM is loaded according to usual gates (respecting DNT/GPC, consent-required, analytics cookie)
When GTM is loaded on most pages:
When GTM is loaded on /landing/get
When user indicates pref, an 'update' dataLayer event appears:
Google verification docs: https://developers.google.com/tag-platform/security/guides/consent-debugging#start-debugging