README

GSB 11 Extension gsb_consent

About

The extension gsb_consent implements a comprehensive user consent management system for GSB11 websites. It provides a GDPR-compliant solution for managing user consent for various tracking scripts and cookies through a hierarchical data structure.

Learn more about the GSB 11.

Documentation

📚 Complete Documentation Available

For detailed information about the extension's functionality, architecture, and usage, please refer to our comprehensive documentation:

• Main Documentation - Complete guide covering functionality, data models, setup, and usage examples
• Architecture Overview - Technical architecture, database schema, and data flow diagrams

Quick Start

The extension implements a three-tier data structure:

• Consent Manager - Main configuration container
• Consent Groups - Categories (e.g., "Analytics", "Marketing")
• Consent Scripts - Individual tracking scripts

See the Main Documentation for detailed setup instructions and examples.

Integration in Page Template

The consent banner is rendered via the Consent page partial:

<f:render partial="Consent" arguments="{consentManager: consentManager}" />

The partial:

• injects the banner container (#cookie-banner)
• loads either cookieBanner.js (simple banner) or cookieBannerFull.js (manager mode)
• exposes consent scripts via window.gsbConsentScripts
• provides a hidden footer trigger link (#cookie-banner-link) to reopen consent settings

Installation

The best way to install this extension is to start with the GSB Sitepackage Kickstarter extension.

Quick installation without GSB Sitepackage Kickstarter

In a composer-based TYPO3 installation you can install the extension EXT:gsb_consent via composer:

  composer require itzbund/gsb-consent

Feature Flags

This document explains how to use feature flags. We separate between two different kinds of feature flags:

Feature

Feature flags allow you to enable or disable specific features in your installation. \ This is of particular importance to disable features that have not passed the approval process.

Optional

Optional flags allow you to (de-)activate specific features for your installation. \ A practical use for these is the (de-)activation of an extension.

For more information about feature flags in TYPO3, please refer to the official TYPO3 Documentation on Feature Flags.

Feature Flag Configuration

Feature and Optional flags are configured in the .env or the local-dev/.ddev/docker-compose.environment.yaml file on ddev machine. To add a feature flag, use the following syntax:

# FEATURE FLAG
- TYPO3__SYS__features__GSB11_FEATURE_123_NEW_FEATURE=%const(bool:true)%
# OPTIONAL FLAG
- TYPO3__SYS__features__GSB11_OPTION_123_ENABLE_EXTENSION=%const(bool:true)%

In this example, both feature flags, GSB11_FEATURE_123_NEW_FEATURE and GSB11_OPTION_123_ENABLE_EXTENSION, are set to true. To disable the feature, change the value to false or delete the setting.

Feature Flag Truth Table

This table illustrates the behavior of feature flags in various states.

Usage in PHP Code

To use a feature flag in your PHP code, you can check the flag's value with the isFeatureEnabled() method of the Features class:

if (GeneralUtility::makeInstance(Features::class)->isFeatureEnabled('GSB11_FEATURE_123_NEW_FEATURE')) {
    echo 'Feature is enabled';

    // Feature-specific code
    ...
}

Usage in Fluid Templates

Feature flags can also be checked in your Fluid templates with TYPO3's Feature ViewHelper.

Basic usage

<f:feature name="GSB11_FEATURE_123_NEW_FEATURE">
   This is being shown if the flag is enabled
</f:feature>

Feature > then > else

<f:feature name="GSB11_OPTION_123_ENABLE_EXTENSION">
    <f:then>
        Flag is enabled
    </f:then>
    <f:else>
        Flag is undefined or not enabled
    </f:else>
</f:feature>

Current feature flags of gsb_consent

Runtime Behavior

Cookies used by the extension

The consent state is persisted in three cookies:

• cookies_accepted_version
• cookies_accepted_scripts
• cookies_accepted_userhash

Technical notes:

• Cookie lifetime is derived from the Consent Manager lifetime (data-store-lifetime, fallback 31536000 seconds)
• Cookies are written with SameSite=Strict; path=/
• On restore, state is accepted only if all three cookies exist and version matches

Consent storage endpoint

Consent decisions are persisted by POST request to the page type endpoint:

• PageType: 1730672718
• Controller action: ConsentController::storeConsentAction()
• Payload: JSON with acceptedScripts and optional userhash
• Response: JSON containing the resolved userhash

Consent layer endpoint

The banner markup is fetched asynchronously from:

• PageType: 1698966645
• Template: Resources/Private/Templates/Consentlayer.html

Usage

The extension works automatically once configured. See the Main Documentation for detailed setup instructions including:

• PageType configuration requirements
• Database setup steps
• Template integration
• Advanced configuration options

Site Set setting for privacy page link

The extension provides a site setting:

• newsletter.privacyPageUid (type: page)

Usage in consent layer:

• If this setting is configured and the default consent layer text is used, Datenschutzerklärung / privacy policy is rendered as a clickable page link.
• If it is not configured (0), the plain localized body text (consentLayer.body) is rendered without link.

Contribute

As with TYPO3, we encourage you to join the project by submitting changes. Development of the GSB 11 happens mainly in the GSB 11 TYPO3 extension repositories.

To get started, have a look at our detailed contribution walkthrough.