CookieBot don't show on Firefox and Chrome

Comments

10 comments

  • Hey Michael,

    I see that you have included the script twice on your page, so this might lead to errors and issues. Could you please try to remove one of the instances of the script and see if the errors still appears.

    Regards,
    Martin

    0
    Comment actions Permalink
  • Avatar
    Michael

    Hi,

    I've remove the WordPres plugin and I use now the script code : <script id="Cookiebot" src="https://consent.cookiebot.com/uc.js" data-cbid="3a234586-b191-4b17-824c-85ef04b2ac83" type="text/javascript" async></script>

    The problem is always the same ....

    Can You help me to solve this problem ?

    Best regards.

    0
    Comment actions Permalink
  • Hey Michael,

    The reason why Cookiebot is not showing is that the script is not loaded. There is something on your website which blocks the script and prevent the loading of cookiebot. 

    When I inspect the website the following error message is displayed in the console:
    Refused to load the script 'https://consent.cookiebot.com/uc.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.stripe.com *.google-analytics.com *.typekit.net *.wp.com *.facebook.com *.facebook.net *.instagram.com *.twitter.com *.pinterest.com *.linkedin.com *.oneall.com".

    see screenshot below: 

    I think that you could fix this issue by adding meta tag "Content Security Policy" which allow importing a remote script. It should look like this: 

    <meta http-equiv="Content-Security-Policy" content="default-src 'self' data: XXXXXXXXXXXXX">

     

    Regards,
    Spas

    0
    Comment actions Permalink
  • Avatar
    Michael

    Hi,

    I've install a new plugin on my WordPress to add the script on the Header.

    Here is what I've done on the Header section :

    1) Insert this script : <script id="Cookiebot" src="https://consent.cookiebot.com/uc.js" data-cbid="3a234586-b191-4b17-824c-85ef04b2ac83" type="text/javascript" async></script>

    It doesn't work on Firefox and Chrome

    2) Insert this script :

    <script id="Cookiebot" src="https://consent.cookiebot.com/uc.js" data-cbid="3a234586-b191-4b17-824c-85ef04b2ac83" type="text/javascript" async></script>

    <meta http-equiv="Content-Security-Policy" content="default-src 'self' data: XXXXXXXXXXXXX">

    It doesn't work on Firefox and Chrome AND the CSS don't laod on my Wordpress

    3) I've change the DATA value like this :

    <script id="Cookiebot" src="https://consent.cookiebot.com/uc.js" data-cbid="3a234586-b191-4b17-824c-85ef04b2ac83" type="text/javascript" async></script>

    <meta http-equiv="Content-Security-Policy" content="default-src 'self' data: 3a234586-b191-4b17-824c-85ef04b2ac83">

    It doesn't work on Firefox and Chrome AND the CSS don't laod on my Wordpress

    Can you help me ?

    0
    Comment actions Permalink
  • Avatar
    Spas – vConnect – Community Supporter

    Hi Michel,

    Could you try using: 
    <meta http-equiv="Content-Security-Policy" content="default-src 'self' https://consent.cookiebot.com">

    You could find more information about how to use Cpntent Security Policy in the following links: 
    https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP
    https://content-security-policy.com/

    Regards, 
    Spas

    0
    Comment actions Permalink
  • Avatar
    Michael

    Hi Spas,

    I've add your script but it dosen't work.

    Could you please send me all the attribut that could work on the script ? Here is my website : https://entreprendre.fun

    Is there a way to speak with someone to solve my problem ? By Phone or Skype or WhatsApp ...

    Thanks

    0
    Comment actions Permalink
  • Hi Michel,

    You are using a CSP (content security policy), but I can see that you have not added the meta-tag about CSP mentioned in the above comment.
    Preferably you should make sure that our script source is white-listed in the http-header. You should also contact you host provider and have them add the Cookiebot domain to you CSP.

    Regards, Spas

    0
    Comment actions Permalink
  • Avatar
    Michael

    Hi,

    I've contact my Hosting provider and he told me about To add some IPs To the server.

    Could you please give me these informatons ?
    Thanks

    0
    Comment actions Permalink
  • Avatar
    Michael

    I've add the META string in the HEADER but it dosen't work.

    Can You give me all the attribut of the META that work fine ?

    Thanks

    0
    Comment actions Permalink
  • Hi Michel,

    Here you could find the IPs which are used by Cookiebot, so you could add those IPs to your whitelist if you want to: https://support.cookiebot.com/hc/en-us/articles/360003824153-Whitelist-what-IP-addresses-do-you-scan-from-

    Regarding the Content Security Policy META tag, I can see that you have added it to your head but you have not added the right CSP meta tag. 
    Unfortunately, I can not provide you all attributes of the meta tag because the attributes depends on your website and this is something you should figure out by yourself.

    However, I see that now you have added as CSP meta tag:
    <meta http-equiv="Content-Security-Policy" content="script-src 'self' 'unsafe-inline' 'unsafe-eval' *.googleapis.com *.stripe.com *.google-analytics.com *.typekit.net *.wp.com *.facebook.com *.facebook.net *.instagram.com *.twitter.com *.pinterest.com *.linkedin.com *.oneall.com">

    I guess that this meta tag is copy/pasted from somewhere with example data/attributes which are not related to your case and that's why it doesn't work on your site. 

    You could also see in the above comments that I have suggested you a example of CSP meta tag that you could try on, but as I said you should find the exact data/attributes that you need to add in order to allow all blocked scripts to your site. 

    Regards, Spas

    0
    Comment actions Permalink

Please sign in to leave a comment.