Cookie cookie cookie COOOKIE
I enjoy a good cookie, particularly the slightly squidgy ones with huge chunks of chocolate in. Sadly, this isn’t about highly-calorific comestibles, but about information this site will store in your browser.
The Register published a rather helpful article on the impending deadline for UK sites to conform to the new EU ePrivacy Directive (a thoroughly riveting read), which prompted me to get with the programme. You probably saw the notice pop up when you first visited the site.
This is what The Register has to say:
The ePrivacy Directive makes it clear that the storing and slurping of data on an individual web surfer’s computer is only lawful “on condition that the subscriber or user concerned has given his or her consent, having been provided with clear and comprehensive information … about the purposes of the processing”.
Furthermore, that consent needs to be granted explicitly and must be unambiguous.
So I’m now using the WordPress plugin EU Cookie Directive to pop up a message requesting your consent to use cookies and I’ve prepared a little page to help you find out more about how this site uses cookies.
It is rather ironic that this opt-in preference is then itself stored in a cookie, but there you go.
Also, if you’re like me and clear your browser cookies automatically on browser shutdown, then that pop-up message may get annoying. Sorry about that, feel free to vent your anger in the comments.
Read more from Jock
The Practitioner's Guide To Product Management
by Jock Busuttil
“This is a great book for Product Managers or those considering a career in Product Management.”
— Lyndsay Denton
Jock Busuttil is a freelance head of product, product management coach and author. He has spent over two decades working with technology companies to improve their product management practices, from startups to multinationals. In 2012 Jock founded Product People Limited, which provides product management consultancy, coaching and training. Its clients include BBC, University of Cambridge, Ometria, Prolific and the UK’s Ministry of Justice and Government Digital Service (GDS). Jock holds a master’s degree in Classics from the University of Cambridge. He is the author of the popular book The Practitioner’s Guide To Product Management, which was published in January 2015 by Grand Central Publishing in the US and Piatkus in the UK. He writes the blog I Manage Products and weekly product management newsletter PRODUCTHEAD. You can find him on Mastodon, Twitter and LinkedIn.
Thanks for checking – I think I may have fixed the problem now, at least I’m seeing the pop-up on Chrome, IE9 and Firefox. Hope that helps, and thank you for your help testing!
Now I get the pop-up – looks good.
So, did you change the configuration in a specific manner? Would be nice to get some tips on how you did before I go ahead and try this on my site.
For you, it will probably just work out of the box. My situation was caused by the slightly complicated way I’ve set up WordPress.
Very briefly, I have two copies of the site running, one under HTTP, the other under HTTPS. I use rewrite scripts to transparently bounce people on the site between them depending on whether the pages need secure login. In essence, I didn’t want people submitting passwords unencrypted.
Until recently I’ve managing fine with a self-signed SSL certificate; this encrypts the traffic perfectly well, but browsers complained because it’s not signed by a recognised authority such as Verisign or Comodo. As browsers are now a bit more security conscious, they were refusing to load some elements of the page that were coming from the HTTPS site.
Replacing the self-signed certificate with a properly signed one appears to have appeased the various browsers that were having problems.
So I don’t think you’ll see the same problems as me unless you’re also using a dual HTTP/HTTPS setup with a self-signed certificate.
And yes, there is probably a simpler way for me to do this, but I like the challenge!