Cookies and Content Security Policy

Yes, if you set it up right.

After install, open a console (see screenshot 13) and see what is blocked by Content Security Policy. Then just go to WP Admin > Settings > Cookies and Content Security Policy > Domains and add the domains you want to allow. Or you can take a look at WP Admin > Settings > Cookies and Content Security Policy > Quickstart, and see if the resource you want to use is there.

After install, open a console (see screenshot 13) and see what is blocked by Content Security Policy. If you get the error message: Refused to load the script 'https://domain.com/some-script.js' because it violates the following Content Security Policy directive: "script-src [...] in the console, you should add https://domain.com/ to Script, since https://domain.com/ is the domain of the URL that caused the error, and script-src is the directive. If it is Always allow, Statistics, Experience or Marketing is up to you.

There are three scenarios where this can happen:

• In some cases cookies are cached. It could be your hosting (for example WP Engine does this), then just contact them and ask them to uncache the cookies_and_content_security_policy cookie, or you can check “WP Engine compatibility mode” under Settings.
• In other cases it could be your cache plugin (for example Litespeed cache does this), then just review your settings. Read more in the next question in the FAQ that is all about cache plugins.
• If you’re using static page cache that doesn’t go through php, go to Settings > Cookies and Content Security Policy > Settings and check Use meta under Advanced settings.

Review the settings of you cache plugin.

Examples:

• Litespeed cache, go to WP Admin > LiteSpeed Cache > Advanced, scroll down to “Vary Cookies” and enter cookies_and_content_security_policy and save your changes.
• Hummingbird, go to WP Admin > Hummingbird > Caching, scroll down to “Exclusions” and in “Cookies” enter cookies_and_content_security_policy and save your changes.
• WP Fastest Cache, go to WP Admin > WP Fastest Cache > Exclude, scroll down to “Exclude Cookies” and click “Add New Rule” and enter cookies_and_content_security_policy and save.

In English

• https://crcom.se/
• https://abliva.com/ – Transladed strings in Polylang, works in the same way with WPML
• https://www.ascelia.com/ – Transladed strings in Polylang, works in the same way with WPML
• https://alligatorbioscience.se/en/ – Transladed strings in Polylang, works in the same way with WPML
• https://oddoneout.se/en/ – Transladed strings in Polylang, works in the same way with WPML

In Swedish

• https://studiocanalis.se/
• https://yogajona.se/
• https://handelskammaren.com/
• https://careon.se/
• https://bostadsbevaka.se/

Yes.

Yes, all texts are translatable. There are 10+ languages already translated. And if you want to contribute with a translation of your own language, please do! <3 All texts on the front end can be changed directly in the admin. And if you are using WPML, Polylang, or some other multilanguage plugin, there is also support for multilanguage translations.

1. Make sure you have “WPML String Translation” installed.
2. Go to Settings > Cookies and Content Security Policy > Texts and save your texts.
3. Go to WPML > String Translation.
4. Search for “cacsp_” (without quotes).
5. Click the plus sign to add translation.
6. If you have a string named “cacsp_option_settings_policy_link”, the value is a number. It is the ID of the Cookie policy page. Translate this by entering the ID of the cookie policy page in the language you are translating to.

1. Go to Settings > Cookies and Content Security Policy > Texts and save your texts.
2. In the WordPress admin bar, choose “Show all languages”.
3. Go to Languages > Strings translations.
4. In the “View all groups” dropdown, choose cookies-and-content-security-policy, and click “Filter”.
5. Translate your texts in the form.
6. If you have a string named “cacsp_option_settings_policy_link”, the value is a number. It is the ID of the Cookie policy page. Translate this by entering the ID of the cookie policy page in the language you are translating to.

Yes, there are settings for using a modal or a banner. Also you can choose if the site should be locked behind the modal or if the site should be usable without setting your preferences. You can also change the colors of everything. And if you want you can disable the css entirely and use your own.

No, but you can make your own, and in the settings you can select it and the modal won’t show there so that the user can read it without accepting first.

You can add a link anywhere on your site that links to #cookiesAndContentPolicySettings and clicking that will open the settings.

Yes, but you also get them unminified and the css also comes as SASS so you can change anything.

Yes, just add the querystring ?cacsp_bypass=true to your url, when running speedtest in Gmetrix for instance. It will set a session cookie that accepts all Domains you’ve set.

You can also bypass all visitors by IP address(es) to avoid consent for testing tools or your office.

Yes! Not all are tested, but all tested works!

These have been tested:

• Divi
• Beaver Builder
• WPBakery Page Builder
• Elementor

Defenetly! Just go to Network Admin > Settings > Cookies and Content Security Policy and choose how you want it to work.

You can choose if all settings should be individual for each site, all settings should be fetched from your main site, or if all settings except texts should be fetched from your main site.

Yes, it does! You can activate it in Settings > Cookies and Content Security Policy > Settings > Advanced settings > Enable Google Consent Mode v2

Yes, if you go to Settings and check “Save proof of consent”. The consent data is saved in the database table “your_prefix” + “cacsp_consent”. By default, the prefix is “wp_”, so in most cases the table is named “wp_cacsp_consent”.