Cookie cookie cookie COOOKIE

Cookie cookie cookie COOOKIE


This content was originally published more than five years ago and is archived here for preservation.

More up-to-date content is available on this blog.


I enjoy a good cookie, particularly the slightly squidgy ones with huge chunks of chocolate in.  Sadly, this isn’t about highly-calorific comestibles, but about information this site will store in your browser.

The Register published a rather helpful article on the impending deadline for UK sites to conform to the new EU ePrivacy Directive (a thoroughly riveting read), which prompted me to get with the programme.  You probably saw the notice pop up when you first visited the site.

This is what The Register has to say:

The ePrivacy Directive makes it clear that the storing and slurping of data on an individual web surfer’s computer is only lawful “on condition that the subscriber or user concerned has given his or her consent, having been provided with clear and comprehensive information … about the purposes of the processing”.

Furthermore, that consent needs to be granted explicitly and must be unambiguous.

So I’m now using the WordPress plugin EU Cookie Directive to pop up a message requesting your consent to use cookies and I’ve prepared a little page to help you find out more about how this site uses cookies.

It is rather ironic that this opt-in preference is then itself stored in a cookie, but there you go.

Also, if you’re like me and clear your browser cookies automatically on browser shutdown, then that pop-up message may get annoying.  Sorry about that, feel free to vent your anger in the comments.


Read more from Jock

The Practitioner's Guide to Product Management book cover

The Practitioner’s Guide to Product Management
by Jock Busuttil

“I wish this book was published when I started out in product management”

Keji A., Head of Product

Read a free excerpt

Get articles emailed to you

Pop your email address in and receive new articles straight to your inbox. Your email won't be used for anything else. Promise.

Jock is a freelance head of product, author and conference speaker. He has spent nearly two decades working with technology companies to improve their product management practices, from startups to multinationals. His clients include the BBC, University of Cambridge, and the UK's Ministry of Justice and Government Digital Service (GDS).In 2012 Jock founded Product People Limited, a product management consultancy and training company. He is also the author of the popular book The Practitioner's Guide to Product Management and the blog I Manage Products.

Tagged with: , ,

6 Comments on “Cookie cookie cookie COOOKIE

  1. Thanks for checking – I think I may have fixed the problem now, at least I’m seeing the pop-up on Chrome, IE9 and Firefox. Hope that helps, and thank you for your help testing!

  2. Now I get the pop-up – looks good.

    So, did you change the configuration in a specific manner? Would be nice to get some tips on how you did before I go ahead and try this on my site.

  3. For you, it will probably just work out of the box. My situation was caused by the slightly complicated way I’ve set up WordPress.

    Very briefly, I have two copies of the site running, one under HTTP, the other under HTTPS. I use rewrite scripts to transparently bounce people on the site between them depending on whether the pages need secure login. In essence, I didn’t want people submitting passwords unencrypted.

    Until recently I’ve managing fine with a self-signed SSL certificate; this encrypts the traffic perfectly well, but browsers complained because it’s not signed by a recognised authority such as Verisign or Comodo. As browsers are now a bit more security conscious, they were refusing to load some elements of the page that were coming from the HTTPS site.

    Replacing the self-signed certificate with a properly signed one appears to have appeased the various browsers that were having problems.

    So I don’t think you’ll see the same problems as me unless you’re also using a dual HTTP/HTTPS setup with a self-signed certificate.

    And yes, there is probably a simpler way for me to do this, but I like the challenge!

Agree? Disagree? Share your views: