Cookies disabled, leads to exception with localStorage

Question

Cookies disabled, leads to exception with localStorage

boldtrn opened this issue 3 years ago · comments

When you disable cookies in the browser and set up klaro to use localStorage, I get the following exception:

Uncaught DOMException: Failed to read the 'localStorage' property from 'Window': Access is denied for this document.

Furthermore, when using:

mustConsent: false, no Cookie consent is shown
mustConsent: true the Cookie consent cannot be closed

Andreas Dewes · Answer 1 · Fri Feb 26 2021 22:52:13 GMT+0800 (China Standard Time)

That's to be expected, most browsers block not only cookies but comparable storage mechanisms too in that case (see e.g. https://www.chromium.org/for-testers/bug-reporting-guidelines/uncaught-securityerror-failed-to-read-the-localstorage-property-from-window-access-is-denied-for-this-document), nothing we can do about this.

If you want to cater to people that disable cookie/localStorage you can use the test store, which stores the decision in memory. The user will have to make a choice on every page he/she visits though, so it's not a very practical solution.

Robin · Answer 2 · Fri Feb 26 2021 22:56:06 GMT+0800 (China Standard Time)

I agree that you can't expect klaro to store data locally if the browser does not allow it, but I think the consent should be still shown and users should be able to accept or reject it. The results could then be stored in memory and are lost on page reload or maybe the results are just ignored.

IMHO, not showing the consent is potentially problematic in regards to GDPR (I am no lawyer though)
Not allowing to close the consent is an issue for usability.

Andreas Dewes · Answer 3 · Fri Feb 26 2021 22:57:09 GMT+0800 (China Standard Time)

Yes that's a good point, we should implement a fallback to the test consent store in that case, I'll add it to the backlog.

LetsRumpel · Answer 4 · Thu Aug 31 2023 16:44:30 GMT+0800 (China Standard Time)

As far as I understand it doesn't make sense to show the consent at all, if cookies are disabled in general and only tracking technologies using cookies are implemented. The user already decided to block all cookies, so there is no need to ask for a consent to something, you might want to do but can't. It would be nice to have a config value in klaro, i.e. "onlyCookieTechnologies" and if it's set true, the first thing in klaro might be to check for cookies in general. If they are disabled: nothing more to do!
Please keep in mind: this only applies if no technologies are used that also work without cookies!