Merge pull request #321 from CybotAS/vendor-restrictions

4.3.7 update

cookiebot.php

@@ -5,7 +5,7 @@
 Plugin URI: https://www.cookiebot.com/
 Description: The Cookiebot CMP WordPress cookie banner and cookie policy help you comply with the major data protection laws (GDPR, ePrivacy, CCPA, LGPD, etc.) in a simple and fully automated way. Secure your website and get peace of mind.
 Author: Usercentrics A/S
-Version: 4.3.6
+Version: 4.3.7
 Author URI: https://www.cookiebot.com/
 Text Domain: cookiebot
 Domain Path: /langs

readme.txt

@@ -2,8 +2,8 @@
 * Contributors: cookiebot,phpgeekdk,aytac
 * Tags: cookie banner, GDPR, CCPA, WordPress cookie banner, cookie policy, ePrivacy, dsgvo, privacy compliance, DMA, data privacy, cmp, cookies
 * Requires at least: 4.4
-* Tested up to: 6.4.1
-* Stable tag: 4.3.6
+* Tested up to: 6.4.3
+* Stable tag: 4.3.7
 * Requires PHP: 5.6
 * License: GPLv2 or later
 
@@ -297,6 +297,18 @@ If your favorite plugin isn't supported, feel free to request it via our [GitHub
 ## Changelog ##
 **Cookiebot CMP Plugin will soon no longer support PHP 5. If your website still runs on this version we recommend upgrading so you can continue enjoying the features Cookiebot CMP offers.**
 
+### 4.3.7 ###
+Release date: March 6th 2024
+
+Cookiebot CMP version 4.3.7 is out! This release adds bugfixes and small features. Here is the complete list of this update
+
+####What's new####
+* Set WordPress tested up to version to 6.4.3
+* Add ignore parameter to inline scripts associated to ignored scripts Props: @jaakkolehtonen
+
+####Bugfixes####
+* Fix fatal error when no purposes added to restrictions
+
 ### 4.3.6 ###
 Release date: February 28th 2024
 

src/lib/Cookiebot_Javascript_Helper.php

@@ -230,7 +230,8 @@ private function get_custom_tcf_restrictions() {
 		$attribute = array();
 
 		foreach ( $custom_tcf_restrictions as $vendor => $restrictions ) {
-			$attribute [] = '{"VendorId":' . $vendor . ',"DisallowPurposes":[' . implode( ', ', $restrictions['purposes'] ) . ']}';
+			$purposes     = ! empty( $restrictions['purposes'] ) ? $restrictions['purposes'] : array();
+			$attribute [] = '{"VendorId":' . $vendor . ',"DisallowPurposes":[' . implode( ', ', $purposes ) . ']}';
 		}
 
 		return implode( ',', $attribute );

src/lib/Cookiebot_WP.php

@@ -13,7 +13,7 @@
 use RuntimeException;
 
 class Cookiebot_WP {
-	const COOKIEBOT_PLUGIN_VERSION  = '4.3.6';
+	const COOKIEBOT_PLUGIN_VERSION  = '4.3.7';
 	const COOKIEBOT_MIN_PHP_VERSION = '5.6.0';
 
 	/**

src/lib/script_loader_tag/Script_Loader_Tag.php

@@ -27,7 +27,21 @@ class Script_Loader_Tag implements Script_Loader_Tag_Interface {
 	 * @since 1.1.0
 	 */
 	public function __construct() {
-		add_filter( 'script_loader_tag', array( $this, 'cookiebot_add_consent_attribute_to_tag' ), 10, 3 );
+		add_action( 'init', array( $this, 'initialize_ignore_scripts' ) );
+
+		if ( version_compare( get_bloginfo( 'version' ), '5.7.0', '>=' ) ) {
+			add_filter( 'wp_script_attributes', array( $this, 'cookiebot_add_consent_attribute_to_script_tag' ), 10, 1 );
+			add_filter( 'wp_inline_script_attributes', array( $this, 'cookiebot_add_consent_attribute_to_inline_script_tag' ), 10, 2 );
+		} else {
+			add_filter( 'script_loader_tag', array( $this, 'cookiebot_add_consent_attribute_to_tag' ), 10, 3 );
+		}
+	}
+
+	/**
+	 * Initialize the list of scripts to ignore cookiebot scan.
+	 */
+	public function initialize_ignore_scripts() {
+		$this->ignore_scripts = apply_filters( 'cybot_cookiebot_ignore_scripts', $this->ignore_scripts );
 	}
 
 	/**
@@ -64,8 +78,6 @@ public function cookiebot_add_consent_attribute_to_tag( $tag, $handle, $src ) {
 			return '<script src="' . $src . '" type="text/plain" data-cookieconsent="' . implode( ',', $this->tags[ $handle ] ) . '"></script>';
 		}
 
-		apply_filters( 'cybot_cookiebot_ignore_scripts', $this->ignore_scripts );
-
 		if ( $this->check_ignore_script( $src ) ) {
 			return preg_replace_callback(
 				'/<script\s*(?<atts>[^>]*)>/',
@@ -77,7 +89,7 @@ function ( $tag ) use ( $handle ) {
 						return $tag[0];
 					}
 
-                    //phpcs:ignore WordPress.WP.EnqueuedResources.NonEnqueuedScript
+					//phpcs:ignore WordPress.WP.EnqueuedResources.NonEnqueuedScript
 					return str_replace( '<script ', '<script data-cookieconsent="ignore" ', $tag[0] );
 				},
 				$tag
@@ -87,6 +99,43 @@ function ( $tag ) use ( $handle ) {
 		return $tag;
 	}
 
+	/**
+	 * Modifies script tags to add the consent ignore attribute.
+	 *
+	 * @param array $attributes List of the attributes for the tag.
+	 *
+	 * @return array List of the attributes for the tag.
+	 */
+	public function cookiebot_add_consent_attribute_to_script_tag( $attributes ) {
+		if ( isset( $attributes['src'] ) && $this->check_ignore_script( $attributes['src'] ) ) {
+			$attributes['data-cookieconsent'] = 'ignore';
+		}
+
+		return $attributes;
+	}
+
+	/**
+	 * Modifies inline script tags to add the consent ignore attribute.
+	 *
+	 * @param array $attributes List of the attributes for the tag.
+	 *
+	 * @return array List of the attributes for the tag.
+	 */
+	public function cookiebot_add_consent_attribute_to_inline_script_tag( $attributes ) {
+		if ( isset( $attributes['id'] ) && $this->is_inline_of_ignored_script( $attributes['id'] ) ) {
+			$attributes['data-cookieconsent'] = 'ignore';
+		}
+
+		return $attributes;
+	}
+
+	/**
+	 * Check if the script is part of an ignored script.
+	 *
+	 * @param string $src URL of the script.
+	 *
+	 * @return bool True if the script is part of an ignored script.
+	 */
 	private function check_ignore_script( $src ) {
 		foreach ( $this->ignore_scripts as $ignore_script ) {
 			if ( strpos( $src, $ignore_script ) !== false ) {
@@ -97,6 +146,38 @@ private function check_ignore_script( $src ) {
 		return false;
 	}
 
+	/**
+	 * Check if the inline script is part of an ignored script.
+	 *
+	 * @param string $inline_script_id ID of the inline script.
+	 *
+	 * @return bool True if the inline script is part of an ignored script.
+	 */
+	private function is_inline_of_ignored_script( $inline_script_id ) {
+		$base_id = $this->extract_base_id_from_inline_id( $inline_script_id );
+
+		$scripts = wp_scripts();
+
+		if ( isset( $scripts->registered[ $base_id ] ) && ! empty( $scripts->registered[ $base_id ]->src ) ) {
+			$src = $scripts->registered[ $base_id ]->src;
+			return $this->check_ignore_script( $src );
+		}
+
+		return false;
+	}
+
+	/**
+	 * Extract the base ID from the inline script ID.
+	 *
+	 * @param string $inline_script_id ID of the inline script.
+	 *
+	 * @return string Base ID of the inline script.
+	 */
+	private function extract_base_id_from_inline_id( $inline_script_id ) {
+		// Strip suffix to get the base ID.
+		return preg_replace( '/-js-(extra|after|before)$/', '', $inline_script_id );
+	}
+
 	/**
 	 * Check if the script tag attributes are valid for the injection of the consent ignore attribute.
 	 *

src/settings/pages/Iab_Page.php

@@ -38,9 +38,7 @@ public function display() {
 			'custom_tcf_special_features' => self::get_vendor_custom_option( 'cookiebot-tcf-special-features' ),
 			'custom_tcf_vendors'          => self::get_vendor_custom_option( 'cookiebot-tcf-vendors' ),
 			'custom_tcf_ac_vendors'       => self::get_vendor_custom_option( 'cookiebot-tcf-ac-vendors' ),
-			'custom_tcf_restrictions'     => ! empty( get_option( 'cookiebot-tcf-disallowed' ) ) ?
-				get_option( 'cookiebot-tcf-disallowed' ) :
-				array( '0' => array( 'purposes' => array() ) ),
+			'custom_tcf_restrictions'     => self::get_restrictions_custom_option(),
 			'vendor_data'                 => self::get_vendor_list_data(),
 			'extra_providers'             => self::get_extra_providers(),
 		);
@@ -72,6 +70,27 @@ private function get_vendor_custom_option( $option ) {
 		return empty( get_option( $option ) ) ? array() : get_option( $option );
 	}
 
+	private function get_restrictions_custom_option() {
+		$restrictions            = array();
+		$custom_tcf_restrictions = get_option( 'cookiebot-tcf-disallowed' );
+
+		if ( ! empty( $custom_tcf_restrictions ) ) {
+			foreach ( $custom_tcf_restrictions as $vendor => $t ) {
+				if ( empty( $t['purposes'] ) ) {
+					$restrictions[ $vendor ]['purposes'] = array();
+				}
+			}
+		} else {
+			$restrictions = array(
+				'0' => array(
+					'purposes' => array(),
+				),
+			);
+		}
+
+		return $restrictions;
+	}
+
 	private function get_vendor_array( $items, $item_name ) {
 		$array = array(
 			'title'       => self::get_vendor_option_content( $item_name, 'title' ),