When do I have to add cookies manually?
If our scanner is unable to scan parts of your website for some reason, and therefore not gathering the cookies automatically, you can always add these cookies manually. These self declared cookies are for informing purposes, as the banner should contain all cookies in order to be compliant.
How can I add cookies manually?
- log into the your Cookiebot account
- Open the tab "cookies"
- Click "add cookie" from the menu on the left
- Add the cookie information (see more info below)
- Click "save" from the menu on the left
- You are done!
In order to see these cookies in your banner information, you would need to scan the website again via your manager > cookies > Scan domain now.
What information do I need?
The exact cookie information is not something we can provide for you, but you can ask your web designer or the designer of the script.
The cookie name can always be found by checking the cookies via the browser console.
The first found url is where a website user would first be able to encounter this cookie. This can for example be the homepage of your website or any other path.
The domain path on the server in which the cookie will be available on. If set to '/', the cookie will be available within the entire domain. If set to '/sub/', the cookie will only be available within the /sub/ directory and all sub-directories such as /sub/home/ of domain.
The value is not always needed, but is used for cookies that can create a different value per session. The cookie name can always be found by checking the cookies via the browser console.
The categorization depends on the cookie purpose:
Necessary: scripts that are needed to guarantee website functionality.
For example; a cookie enabling shopping basket functionality on an e-commerce website which is necessary for the service requested by the user (= being able to add products to the basket and buy them).
Preferences: setting user choices to navigate the website.
For example; scripts that remember whether a user has seen a popup with a discount code. These are not strictly needed for the website to work, but can make the flow easier for a user.
Statistics: used for analytical purposes
For example; Google Analytics cookies.
Marketing: used for targeting the user with (personalized) adds
For example; the Facebook pixel can be used to show specific ads to certain users.
The secure attribute is an option that can be set by the application server when sending a new cookie to the user within an HTTP Response. The purpose of the secure attribute is to prevent cookies from being observed by unauthorized parties due to the transmission of the cookie in clear text. To accomplish this goal, browsers which support the secure attribute will only send cookies with the secure attribute when the request is going to a HTTPS page. Said in another way, the browser will not send a cookie with the secure attribute set over an unencrypted HTTP request. By setting the secure attribute, the browser will prevent the transmission of a cookie over an unencrypted channel.
HttpOnly attribute. You always need to enter an expiry date, as this is necessary information and this should also be visible from the browser console > application when looking up the cookie.
The cookie type can be either one of the following:
- HTML5 Local storage
- Flash Local Shared Object
- Silverlight Isolated Storage
- Pixel tags
- Ultrasound beacons
Will manually added cookies be blocked automatically?
No, these cookies will not get blocked automatically. Since the scanner doesn’t pick up on the cookie, the auto blocker will have no instructions to prevent the cookie from being set. You can manually mark up the scripts with
type="text/plain" to prevent the resource from loading prior consent. See more info regarding the manual implementation and marking up cookie scripts in this guide, step 4: manual markup guide