Hi
We use Cookiebot, and Cookiebot flags the cookie stg_externalReferrer as a marketing cookie, and also it is not blocking this cookie before the user accepts.
This website only have 2 tags, the normal Piwik Analytics, and a connector between Piwik and Cookiebot.
I wan’t to know if this Cookie is actually considered af marketing cookie, or if i can set it as a necessary cookie(since i can’t block it before the user accepts).
Or if i have to block it until the user accepts marketing cookies, if so how can i do this?
Setup:
Ask visitors for consent is on
Collect data without using cookies is selected
Use a custom consent form is on
Hi,
This is a cookie that stores information about the URL of the site that referred the visitor to your site.
It is created when:
You use an external referrer condition in a trigger, a visitor comes to your site from a referral site and this setting is turned on: Administration > Sites & apps > Privacy > Ask visitors for consent (on)
You use an external referrer condition in a trigger, a visitor comes to your site from a referral site and these settings are turned off: Administration > Sites & apps > Privacy > Ask visitors for consent (off) and Administration > Sites & apps > Privacy > Use visitor cookies (off)
A visitor comes to your site from a referral site and these settings are set: Administration > Sites & apps > Privacy > Ask visitors for consent (off) and Administration > Sites & apps > Privacy > Use visitor cookies (on)
More information about the cookie and other cookies which Piwik PRO uses can be found here:
On this site i only have 2 tags, both with “all page views” trigger. Which would not create the cookie if i understand this correct: “You use an external referrer condition in a trigger”
This condition:
A visitor comes to your site from a referral site and these settings are set: Administration > Sites & apps > Privacy > Ask visitors for consent (off) and Administration > Sites & apps > Privacy > Use visitor cookies (on)
Should not be able to activate the cookie either, since i have “ask visitors for consent” ON
I presume that you are using a Cookiebot scanner, which you already mentioned, to identify the cookies. It happens so that the scanner tends to identify the externalReferrer cookie even though it is not there. Could you please check if the cookie appears when you visit a website and check the network tab with a list of cookies in the developers console?
Yeah im using the Cookiebot scanner. Im not sure how it’s possible for it to find a cookie if it’s not even there. It must be active somehow, otherwise how would the scanner even know about it?
I do however see when i check manually like you suggested that it’s not showing up, not before or after accepting cookies. But Cookiebot can’t just guess the name and everything of the cookie, so it does somehow show up, at least when scanned by Cookiebot.
This is a common bug in the Cookiebot scanner when it comes to this particular cookie (externalRefferer). It is indeed a weird behavior of the scanner, but we are not responsible for how the scanner works.
I don’t see how this could be a bug by Cookiebot. Since the options in my Piwik should not be able to activate the cookie at all, it should not exist on my website. How would Cookiebot’s scanner even know about this cookie if your script is not using it? If it is not active anywhere, how would Cookiebot even know about it?
Cookiebot is writing this:
"When a website is being scanned, the Cookiebot scanner crawls it looking for all known types of cookies and tracking technology. This includes everything from the most common types of http cookies to much more advanced tracking technology such as ultrasound beacons. The scanner does not detect anything automatically but what is detected on the domain URLs depending upon the scripts/iframes/images etc.
Our scanner is built to identify, visit and scan all identifiable urls on a website. This is necessary to provide the service we do.The scanner cannot be manipulated to change the result of the scan and it will only work with what is found on the domain itself.
According to the scan report, the script at line 14 is the initiator of the cookie and when you go to the line 14 in the source code following script can be seen setting the cookie:"
What he shows is the regular container script from Piwik, is the one that is setting the cookie. And as i told, i only have the normal Piwik tracking tag, and a script tag to communicate between Cookiebot and Piwik, with trigger on all pages.
I know i can’t see the cookie in my network tab, but Cookiebot will also detect cookies, which is only set when a button to a youtube video overlay is clicked, as an example. That cookie i can’t see in my network tab either.
FWIW: I have a client who uses Cookiebot and after implementing just a simple Piwik PRO tracking code that only uses two _pk* cookies and nothing else, all possible cookies that might occur when using the full blown package including Tag Manager and Consent Manager occured in the consent modal… Even if they have not even a chance of being created under any circumstances.
Nevertheless I checked if those cookies exist and they don’t (like expected). Still they are mentioned in the dialog. So I do not see what Puiwik PRO (or me in that case with my own client) could possibly do to change that.
Thanks, I think the issue is that the Piwik script is being linked to from the website, where all the different cookies from Piwik is located. Cookiebot, scans the script from Piwik, and sees that our website is loading the script. However Cookiebot is not aware that there is no way the Cookie could be activated. It just sees that the script is present on the website, with the possibility to set the cookies.
I guess there is just a database with vendors and possible known cookies, maybe (or maybe not) combined wit a real cookie scanner. So if the tool shows cookies that do not exist I guess / hope it is also possible to delete all entries that are irrelevant. However, solving this problem is something that can only be done in Cookiebot.
I have checked the script that Piwik loads on the website and 3 times in the script the “stg_externalReferrer” cookie is mentioned. So the cookie does exist on the website, it is just not being used, which is why the example value is null.
I guess you could look it both ways, if my settings in Piwik can’t allow the cookie to be used on my website, why should it even show up in the code?
But oh well, now i know why it’s showing up.