As GDPR applies to every business, large and small, around the world for website visitors to have more control over their personal information and can rest assured that there is enough security for their personal data.
One should value the initiative and law and take steps to make visitors experience pleasant and data safe. Cookies play an important part in data storage
They are widely used on the web for storing information and providing a personalized browsing experience to users. Do you want to learn how to use TYPO3 Cookies on your TYPO3 website in a safer way?
In this cookie guide, we will show you everything on TYPO3 cookies from setting to deleting and TYPO3 extensions for TYPO3 Cookies
What are TYPO3 Cookies?
Well in simple words if we try to explain what TYPO3 Cookies are then it can be defined as plain simple text record files that are made and stored away in visitors’ browsers when they visit your website. Cookies are basically utilized to include various highlights and features on a website.
Below are some of the basic utilization of cookies on different sites.
- Store and deal with visitor's login data
- Store brief session data during a visitor visit
- Online stores use cookies to recollect cart data during a client's visit
- Track user activity on a site to offer a customized client experience
- and that's only the tip of the iceberg
As should be obvious, cookies are an exceptionally helpful piece of data for site owners, however, they can likewise be somewhat intrusive. Ongoing patterns in email advertising, hacking hazards, and marketing trends all in all permit sites to set cookies that go about as a reference point and can be utilized to store and even offer visitors activities across sites.
This is the reason the European Union established the EU Cookie Law, which requires site owners to announce that they use cookies on their website to store data.
How TYPO3 Uses Cookies?
By default, TYPO3 uses so-called session cookies ("Cookies"). TYPO3 cookie is a small data file that is transferred to the visitor's computer but it can not identify the visitor personally, it stores only the browser that is installed on their computer, visitor’s activities, and user’s name and email address if they fill out a comment form.
Typically, TYPO3 Core sends four cookies set by PHP to the browser when a session is requested:
- fe_typo_user - used to identify a session ID when logged-in to the TYPO3 Frontend
- be_typo_user - used to identify a backend session when a Backend User logged in to TYPO3 Backend or Frontend
- Typo3InstallTool - used to validate a session for the System Maintenance Area / “Install Tool”
- be_lastLoginProvider - stores information about the last login provider when logging into TYPO3 Backend
However, if you use the TYPO3 Cookie extension then it may also set their own cookies. So make sure to check any TYPO3 Cookie extension in detail to confirm it does not violate any of the EU cookie law.
And if you are using third-party services like Google Analytics or Google AdSense, then they may also set cookies on your website.
Below are the steps to view all website cookies in your browser’s settings.
How TYPO3 Extensions Use Cookies?
As you read about TYPO3 cookies, third-party TYPO3 Cookies Extensions you install also set cookies. Most of them use a combination of browser cookies and database rows.
With new EU and GDPR privacy laws, it is necessary to understand what cookies are being set and how the data is used. The new EU privacy laws require websites to display cookies popup on their website.
Here are just a couple of the many examples of what cookies are used for:
- If you have a popup box on your TYPO3 website and a visitor closes it, this typically will set a cookie so that it doesn’t come back again.
- Your selections in a TYPO3 e-commerce website. A cookie is stored for it so that the shopping cart keeps your products while you continue to browse around the site.
- GeoIP features might store the IP address and latitude/longitude coordinates of the visitor browsing the site for the TYPO3 navigation website.
- Newsletter plugin might set a cookie for users if they’ve already subscribed, this gives the ability to hide the newsletter box.
- Essentially any action or opt-in on a TYPO3 website typically will involve setting a cookie in the browser behind the scenes.
Ultimately, the goal of setting up TYPO3 cookies is to try and help improve the browser experience or provide additional functionality through verification.
How to setup TYPO3 Cookie in Custom Extbase Extension?
TYPO3 core provides configuration for the Cookie as below.
cookieHttpOnly
In order to make the session cookie only accessible through the HTTP protocol, “cookieHttpOnly” is enabled by default since TYPO3 CMS 6.2. This means, that the cookies “fe_typo_user” and “be_typo_user” are not accessible by scripting languages (e.g. JavaScript), which hardens the protection against XSS attacks (cross-site scripting). Although, some older browsers do not support this technique.
Possible values are 0 or 1 (boolean), where “0” deactivates the option and “1” enables it (default since TYPO3 6.2).
The PHP variable reads: $GLOBALS[‘TYPO3_CONF_VARS’][‘SYS’][‘cookieHttpOnly’]
cookieSecure
This configuration should be used in combination with “lockSSL”, see below. It indicates that the cookie should only be transmitted over a secure HTTPS connection between client and server. Possible values are 0, 1, and 2 (integer) with the following meaning:
0 = a cookie is always sent, independently from which protocol is used currently. This is the default setting.
1 = The cookie will only be set if a secure connection exists (HTTPS). Use this in combination with “lockSSL” since otherwise the application will fail and throw an exception.
2 = The cookie will be set in each case, but uses the secure flag if a secure (HTTPS) connection exists.
The PHP variable reads: $GLOBALS[‘TYPO3_CONF_VARS’][‘SYS’][‘cookieSecure’]
How to get TYPO3 Cookie at TypoScript?
// TypoScript Setup
10 = TEXT
10.data = global:_COOKIE|my_cookie
10.wrap = <h2>My Custom TYPO3 Cookie: |</h2>
Option 1. Easiest way to Set and Get TYPO3 Cookie
// Set TYPO3 Cookie
$GLOBALS['TSFE']->fe_user->setKey("ses","myCookie",”myValue”)
$GLOBALS['TSFE']->fe_user->storeSessionData();
// Get TYPO3 Cookie
$GLOBALS["TSFE"]->fe_user->getKey("ses","myCookie");
Option 2. From TYPO3 v7 Use Native Session Handler
You can also use TYPO3 Native Session, The Class makes a difference between normal and logged in users and it supports multiple session data separated by the sessionPrefix.
use TYPO3\CMS\Frontend\Controller\TypoScriptFrontendController;
/**
* Class SessionUtility
*/
class SessionUtility {
/**
* Session data
*
* @var array
*/
protected $sessionData = array();
/**
* Prefix for the session
*
* @var string
*/
protected $sessionPrefix = '';
/**
* @var TypoScriptFrontendController
*/
protected $frontendController;
/**
* Constructor
*/
public function __construct()
{
$this->frontendController = $GLOBALS['TSFE'];
}
/**
* Init Session
*
* @param string $sessionPrefix
* @return void
*/
public function initSession($sessionPrefix = '')
{
$this->setSessionPrefix($sessionPrefix);
if ($this->frontendController->loginUser) {
$this->sessionData = $this->frontendController->fe_user->getKey('user', $this->sessionPrefix);
} else {
$this->sessionData = $this->frontendController->fe_user->getKey('ses', $this->sessionPrefix);
}
}
/**
* Stores current session
*
* @return void
*/
public function storeSession()
{
if ($this->frontendController->loginUser) {
$this->frontendController->fe_user->setKey('user', $this->sessionPrefix, $this->getSessionData());
} else {
$this->frontendController->fe_user->setKey('ses', $this->sessionPrefix, $this->getSessionData());
}
$this->frontendController->storeSessionData();
}
/**
* Destroy the session data for the form
*
* @return void
*/
public function destroySession()
{
if ($this->frontendController->loginUser) {
$this->frontendController->fe_user->setKey('user', $this->sessionPrefix, null);
} else {
$this->frontendController->fe_user->setKey('ses', $this->sessionPrefix, null);
}
$this->frontendController->storeSessionData();
}
/**
* Set the session Data by $key
*
* @param string $key
* @param string $value
* @return void
*/
public function setSessionData($key, $value)
{
$this->sessionData[$key] = $value;
$this->storeSession();
}
/**
* Retrieve a member of the $sessionData variable
*
* If no $key is passed, returns the entire $sessionData array
*
* @param string $key Parameter to search for
* @param mixed $default Default value to use if key not found
* @return mixed Returns NULL if the key does not exist
*/
public function getSessionData($key = null, $default = null)
{
if ($key === null) {
return $this->sessionData;
}
return isset($this->sessionData[$key]) ? $this->sessionData[$key] : $default;
}
/**
* Set the s prefix
*
* @param string $sessionPrefix
*
*/
public function setSessionPrefix($sessionPrefix)
{
$this->sessionPrefix = $sessionPrefix;
}
/**
* @param string $key
*
* @return bool
*/
public function hasSessionKey($key) {
return isset($this->sessionData[$key]);
}
}
TYPO3 Extensions to set cookies
TYPO3 Extension Repository has some of the best TYPO3 Cookie Consent extensions that will help you make your website compliant with the EU Cookie Directive.
The following are a few of the free TYPO3 Cookies Notice Extensions that are bound to make the process easier for website owners.
#1 Simple Cookie Bar TYPO3 Extension
Do you want to add a cookie consent popup on your TYPO3 website?
The Cookie Hint plugin will assist you in making your website GDPR compliant.
- Accept and Reject options
- Configurable cookie details and description
- Changeable colors, fonts, styles, position on the page
- Adds a subtle cookie banner
- Adjustable at any part of the website
- Customizable the cookie notice style
- Can set behavior when you click “Accept”
- Cookie Audit shortcode
#2 Cookiebot.com GDPR Compliant TYPO3 Extension
To support publishers, technology vendors and advertisers in meeting the transparency and user consent requirements of the GDPR and ePrivacy Directive, NITSAN has designed an extension NS_Cookiebot in TYPO3 CMS to integrate one of the most popular cookiebot.com
- Easy Integration with Cookiebot.com
- Set-Cookie bar text with links
- Set position of Cookiebar
- Asks User consent
- Multilingual
- Storage of user-consent in cloud
- Downloadable reports of user consents
- Cookie-categorization
- Detects scanners
#3 Cookies
This TYPO3 extension shows cookie hints, various options with the possibility to deactivate them. This extension disables cookies and additional JavaScript libraries that are further not needed.
- Shows a hint that cookies are used on your website.
- A hint can be closed or permanently hidden.
- "Read more" link (optional, links to a page where one can find more information)
- User has the possibility to disable cookies
- The widget can be added as a plugin on one page or with TypoScript on every page.
- Provides a cached plugin.
- Fluid template. You can modify anything!
- Depends on jQuery.
#4 Cookie manager - Consent Panel (Optin)
With this TYPO3 Extension, you can manage the script/Html tags that generate cookies on your site or simply build a consent panel. You can create different groups like essential, tracking, preferences, and so on. The associated scripts will be loaded only after the optin process is done.
- HTML/Script tag management
- Grouping of different Cookies alias Script tags
- Multi-domain ready
- Multi-language ready
- Out of the box English and german frontend rendering
- Cookie Information Table
- Optin Panel, which loads the scripts only after the confirmation
- Google Tag Manager support.
- Customizable, use your own CSS or change the Fluid templates
- Uses Custom Javascript events
- Supports TypoScript Constants processing inside the cookie HTML
#5 Cookie Law Management
Cookie Law Management is easy to use a plugin that allows showing privacy information, manage website cookies, and get consent to install. It is compliant with EU Law and Italian Law (more restrictive).
- Uses a combination of JQuery and Typoscript.
- The extension works at the rendering level and can disable cookie installation by standard content elements or third party extensions.
- Capability to manage Google Analytics, Youtube, Vimeo, Slideshare, and others
- Handled by Cookie Law Management are those generated by Facebook, Flickr, GoogleMaps, Prezi, SlideShare, Twitter, Vimeo, YouTube.
TYPO3 CookieYes Extension
TYPO3 CookieYes Extension is your all-in-one solution for achieving global compliance effortlessly. With support for an extensive range of data protection laws, including GDPR (EU & UK), LGPD (Brazil), PIPEDA (Canada), POPIA (South Africa), nFADP (Switzerland), Privacy Act (Australia), PDPL (Argentina), PDPL (Andorra), and DPA (Faroe Islands), you can rest assured that your website meets the highest standards of data privacy.
GDPR and TYPO3 Cookies
GDPR is a new privacy law that came into effect on May 25th, 2018. It was formed to provide citizens their control of personal data.
Here is an example of T3Planet to help comply with the new law. When you first visit our site, you might have already seen it, you’re met with an “Accept Cookies” prompt at the bottom of the screen.
This is because we are now legally required to provide users a way to opt-in and opt-out of cookies being set. Gone are the days of just running whatever you want without informing users of data collection.
How to delete TYPO3 Cookie?
To delete a TYPO3 cookie, open your preferences of the browser window and remove the cookie of your TYPO3 front end session. Search for the URL of your website where you can see a cookie www.my-typo3-domain.com fe_typo_user. Delete this cookie and your FE session is cleared and repaired.
Post a Comment
- Your explanations of this stuff are the best on the web. Great TYPO3 Cookie blog, Simple, clear, tested by a real person! Thanks so much!
Dhyana Chauhan
Tech Expert & Customer ManagerDhyana Chauhan is the customer support manager at T3Planet, having vast experience as an technology lead who loves exploring everything that’s in trend, especially TYPO3. Being a TYPO3 fanatic, in her free time, she loves…
More From Author