How to properly disable session cookies (EU cookies law, GDPR) - Printable Version +- CodeIgniter Forums (https://forum.codeigniter.com) +-- Forum: CodeIgniter 4 (https://forum.codeigniter.com/forumdisplay.php?fid=28) +--- Forum: CodeIgniter 4 Support (https://forum.codeigniter.com/forumdisplay.php?fid=30) +--- Thread: How to properly disable session cookies (EU cookies law, GDPR) (/showthread.php?tid=87576) |
How to properly disable session cookies (EU cookies law, GDPR) - Muzikant - 05-05-2023 I made a really simple page and I want to disable session cookies ("ci_session"). Unfortunately, my country is a part of the European Union and if I set any cookies, I am forced to inform users about it and have the reason specified on a specialized privacy policy page, which I really do not want to have, because there is no real reason for any of that as the page is really simple. All those things annoying users and adding work for me, so if I can avoid it, I would like to. It might be a noob question and I unsuccessfully searched for the solution, but how to properly disable session cookies on certain controllers and/or on the whole site? RE: How to properly disable session cookies (EU cookies law, GDPR) - Muzikant - 05-05-2023 As nobody reacted, I presumed there is no common solution. I dived into a problem and realized what was setting the session cookie. On the page I have a contact form, but this was not the problem by itself. I am using form helper, and the cookie was set after I called validation_show_error() function. I made changes in my code to avoid using of this function and there is no cookies set on my page at all. It is strange that validation library not setting the session cookie, but validation form helper function do. RE: How to properly disable session cookies (EU cookies law, GDPR) - InsiteFX - 05-06-2023 READ: Cookies on GOV.UK RE: How to properly disable session cookies (EU cookies law, GDPR) - Crenel - 05-06-2023 (05-06-2023, 09:59 PM)InsiteFX Wrote: READ: lol, wut.... Anyway, back on the original topic without reference to wildly-irrelevant links, the following is quoted from the CI4 docs, specifically Library Reference - Validation, with bold added by me to explain why I'm mentioning this: Quote:In that case, you need to use Form helper function validation_errors(), validation_list_errors() and validation_show_error(). These functions check the validation errors that are stored in the session. It would be good (considering the non-trivial costs involved) if there was a direct way in CI4 to disable all cookie and session functionality. Many sites need to use cookies, but not all of them do. If you want to put up something that requires zero storage of any user data, you shouldn't have to comply with international data privacy regulations out of concern that your framework might store data despite your lack of intent to do so. There is probably a way to accomplish this, but if so, it's not obvious. Just avoiding one feature is clearly not a reliable approach. |