JavaScript API

How to use the Cookie Consent JavaScript API

You can add additional options to the code snippet.

Javascript and CSS can be included from the CDN or hosted on your own site. Download source from GitHub.


This example places an informational (default) red and white Cookie Consent popup inside the content block of a website (instead of body).

It disables the regional law options and shows revoke option for everyone. A callback hook is used to enable or disable cookies when the consent changes. <head> <link rel="stylesheet" type="text/css" href="css/cookieconsent.min.css" /> </head> <body> <script src="js/cookieconsent.min.js"></script> <script> window.cookieconsent.initialise({ container: document.getElementById("content"), palette:{ popup: {background: "#fff"}, button: {background: "#aa0000"}, }, revokable:true, onStatusChange: function(status) { console.log(this.hasConsented() ? 'enable cookies' : 'disable cookies'); }, law: { regionalLaw: false, }, location: true, }); </script> </body>

Static configuration

cookieconsent.status (object)
Default: {deny: ‘deny’, allow: ‘allow’, dismiss: ‘dismiss’}

These are the possible values that the cookie can be set to.

cookieconsent.hasTransition (boolean)
Default: true (if transitions are supported by the browser)

Animations are set to true by default in cookie consent. This includes the fade in/out and slide up/down animations. Set this to false to disable all animations.

Main options

These are the main options that can be passed to the Cookie Consent tool.

enabled (boolean)
Default: true

This can be used to disable the popup. It is internally used to disable itself (if needed), but can be configured externally too.

container (HTMLElement)
Default: null

The tool is automatically appended to the HTML body. Use this option to select the parent element. Use autoOpen: false to prevent the tool automatically appending itself to any container.

It is recommended to set these values to correspond with your server. You MUST set the ‘domain’ option, otherwise your cookies may not work. (string)
Default: ‘cookieconsent_status’

Name of the cookie that keeps track of users choice

cookie.path (string)
Default: ‘/’

URL path that the cookie ‘name’ belongs to. The cookie can only be read at this location

cookie.domain (string)
Default: ”

The domain that the cookie ‘name’ belongs to. The cookie can only be read on this domain. Guide to cookie domains

cookie.expiryDays (integer)
Default: 365

The cookies expire date, specified in days (specify -1 for no expiry) (boolean)
Default: false

If secure is true, the cookies will only be allowed over https

Content options

Text strings used for cookie consent window elements.

content (object)
content: { header: 'Cookies used on the website!', message: 'This website uses cookies to improve your experience.', dismiss: 'Got it!', allow: 'Allow cookies', deny: 'Decline', link: 'Learn more', href: '', close: '&#x274c;', policy: 'Cookie Policy', target: '_blank', }

Overwrite these default options to change the content within the tool

Custom HTML options

elements (object)
elements: { header: '<span class="cc-header"></span>', message: '<span id="cookieconsent:desc" class="cc-message"></span>', messagelink: '<span id="cookieconsent:desc" class="cc-message"> <a aria-label="learn more about cookies" tabindex="0" class="cc-link" href="" target="_blank"></a></span>', dismiss: '<a aria-label="dismiss cookie message" tabindex="0" class="cc-btn cc-dismiss"></a>', allow: '<a aria-label="allow cookies" tabindex="0" class="cc-btn cc-allow"></a>', deny: '<a aria-label="deny cookies" tabindex="0" class="cc-btn cc-deny"></a>', link: '<a aria-label="learn more about cookies" tabindex="0" class="cc-link" href="" target="_blank"></a>', close: '<span aria-label="dismiss cookie message" tabindex="0" class="cc-close"></span>', }

This is the HTML for the elements above. Any word surrounded by ‘’ will be automatically replaced. The string will be replaced with the equivalent text above.
You can remove “” and write the content directly inside the HTML if you want.

ARIA rules suggest to ensure controls are tabable (so the browser can find the first control), and to set the focus to the first interactive control. Learn more about using Aria HTML elements.

window (string)
Default: <div role=”dialog” aria-label=”cookieconsent” aria-describedby=”cookieconsent:desc” class=”cc-window ”></div>

Window is the ‘container’ that houses the popup contents. It has the HTML class ‘cc-window’ and is used for the main positioning of the tool. The placeholders and both get replaced during initialisation.

Layout options

How the content window is built.

The cookie consent tool is built with two main display elements. The message, and the buttons. In this tool, the buttons are grouped into what we call a ‘compliance level’. If you want an ‘opt-in’ level of compliance, then you have two buttons where the default choice is ‘cookies are disable by default’. There are other levels of compliance too. The ones we have by default are stored in the ‘compliance’ option. You can see that the only difference between the compliance levels are the buttons which are used, and how cookies are handled by default

compliance (object)
compliance: { 'info': '<div class="cc-compliance"></div>', 'opt-in': '<div class="cc-compliance cc-highlight"></div>', 'opt-out': '<div class="cc-compliance cc-highlight"></div>', }

Each compliance level contains the HTML needed to render that level of compliance. The ‘cc-compliance’ class is used in the CSS to reference the group of buttons

type (string)
Default: info

The compliance type, which refers to the compliance above. The standard cookie consent popup is purely informational.

layouts (object)
layouts: { 'basic': '', 'basic-close': '', 'basic-header': '', }

Just like the ‘compliance’ buttons are built using the ‘’ markers, the main layout can be built too like this too. The word between these two markers tell the tool what each element is called.

Example: cookieconsent.initialise({ layout: 'my-cool-layout', layouts: { 'my-cool-layout': '<div class="my-cool-layout">\ </div>', }, elements: { pictureOfCat: '<img href="http://placekitten/300/300" />', }, content: { header: 'My awesome cat popup!' } });

layout (string)
Default: basic

The layout type refers to how the tool is rendered. See layouts above.

Position and Theme options

position (string)
Default: bottom

Position is used to describe where on the screen your popup should display. We also use ‘position’ to assume the shape of your popup. If you specify ‘top’ or ‘bottom’, we assume that a full width ‘banner’ is required. If however you specify a horizontal direction, we assume that a corner popup is required (which we call ‘floating’).

We add CSS classes ‘cc-banner’ if the popup displays as a banner, and ‘cc-floating’ if the popup displays as a floating window.

  • top, bottom – Banner
  • top-left, top-right, bottom-left, bottom-right – Floating

theme (string)
Default: block

Cookie Consent is themed, so users can create their own themes. The chosen theme is added to the popup container as a CSS class in the form of .cc-style-THEME_NAME. Available styles:

  • block (default)
  • edgeless
  • classic

Palette options

Colours can be defined in additional stylesheets or using attributes.

palette (object)
Default: null

If palette is set to null, colours have to be defined in CSS.

To pass the colours using attributes, use:
palette: { popup: {background: '#000000', text: '#fff', link: '#fff'}, button: {background: 'transparent', border: '#f8e71c', text: '#f8e71c'}, highlight: {background: '#f8e71c', border: '#f8e71c', text: '#000000'}, }

Highlight is optional and extends `button`. if it exists, it will apply to the rightmost button.
Only background needs to be defined for every element. If text or border colour is not set, it will be calculated from the background colour.

Revoke options

Some countries require consent to be revokable. Cookie Consent keeps track of these countries and adds a button to review the consent window.

revokable (boolean)
Default: false

If set true, revoke button is displayed every time. If false, revoke button is only displayed for advanced compliance options (opt-in and opt-out) and in countries that require revokable consent. The latter can be disabled by _regionalLaw _below.

revokeBtn (string)
Default: <div class=”cc-revoke ”>Cookie Policy</div>

This is the html for the revoke button. This only shows up after the user has selected their level of consent.

animateRevokable (boolean) 
Default: true

If true, the revocable button will translate in and out. Disabled by default for mobile devices.

Behaviour options

showLink (boolean)
Default: true

Used to disable link on existing layouts. If false, replaces element messagelink with message and removes content of link.

static (boolean)
Default: false

The popup uses position fixed to stay in one place on the screen despite any scroll bars. This option makes the popup position static so it displays at the top of the page. A height animation has also been added by default so the popup doesn’t make the page jump, but gradually grows and fades in.

dismissOnScroll (false | integer) 
Default: false

To disable, set to “false”. To enable, set to the number of pixels a user must scroll vertically in order to trigger the dismiss.

dismissOnTimeout (boolean | integer) 
Default: false

Set value as time in milliseconds to autodismiss after set time.

dismissOnWindowClick (boolean) 
Default: false

Set value as true to automatically consent when the user clicks anywhere.

ignoreClicksFrom (array of strings) 
Default: [‘cc-revoke’, ‘cc-btn’]

An array of class names only used with `dismissOnWindowClick`. Add a class name here to ignore clicks from that element.

autoOpen (boolean)
Default: true

This automatically opens the popup if the user hasn’t made a decision yet.

autoAttach (boolean)
Default: true

The tools HTML is automatically appended to the container by default. If you set this to false, you must attach it yourself:
var instance = new cookieconsent.Popup(options); document.body.appendChild(instance.element);

whitelistPage (array) Default: []
blacklistPage (array) Default: []

If set, cookie consent will not be displayed pages defined here. Specify pages using string or RegExp.

  • using a string : ‘/index.html’ (matches ‘/index.html’ exactly)
  • using RegExp : /\/page_[\d]+.html/ (matched ‘/page_1.html’ and ‘/page_2.html’ etc)

overrideHTML (string)
Default: null

If this is defined, then it is used as the inner html instead of layout. This allows for ultimate customisation.
Be sure to use the classes `cc-btn` and `cc-allow`, `cc-deny` or `cc-dismiss`. They enable the app to register click handlers. You can use other pre-existing classes too.

Callback hooks

Called at certain points in the program execution

onPopupOpen: function() {}
This is called when the popup is opened. It can be used to trigger an animation, or to attach extra handlers, etc.

onPopupClose: function() {}
This is called when the popup is closed. It can be used to clean up commands from onPopupOpen

onInitialise: function(status) {}
This is called on start up, with the current chosen compliance. It can be used to tell you if the user has already consented or not as soon as you initialise the tool.

onStatusChange: function(status, chosenBefore) {}
This is called any time the status is changed. This can be used to react to changes that are made to the compliance level. You can use the popup instance functions from within these callbacks too. I.E. ‘this.hasAnswered()’ and ‘this.hasConsented()’.

onRevokeChoice: function() {}
This is called when the user clicks the ‘revoke’ button. This means that their current choice has been invalidated.

Hooks can be used to disable cookies when consent is not given, and the generally extend the tool.

Location options

The location services are disabled by default. You are encouraged to implement a handler to your own service, rather than using the free ones provided.

To enable the basic location services, set ‘location’ to ‘true’. To add you own services or configure the order or execution, pass an object with configuration properties.

location.timeout (array)
Default: 5000 (milliseconds)

We can’t react to errors from script tag resources, so we set a timeout. If we don’t have the answer after 5000ms, try the next service. (array)
Default: [‘ipinfo’]

This array defines the services that you want to use. We attempt to get the country code from the first service, and only if the service fails do we move onto the next service. If all services fail, the popup is opened without modification.

If a service succeeds, then the two letter country code is passed to the ‘Law’ module, with changes your popup options depending on the cookie laws in the country code.

location.serviceDefinitions (object)

This can be used to define new services via a key, but new services they can also go straight into the ‘services’ array in an ad-hoc fashion. It is recommended that you define services in ‘serviceDefinitions’ and use ‘services’ to configure priority between services

Law options

law.countryCode (boolean)
Default: null

Rather than getting the country code from the location services, you can hard code a particular country into the tool.

law.regionalLaw (boolean)
Default: true

If false, then we only enable the popup if the country has the cookie law. We ignore all other country specific rules.

What's New at Osano

Chinese banner update

China passed a privacy law recently. The Personal Information Protection Law comes into effect in Nov.1 , 2021. It requires changes for obtaining consent from users for tracking, analytics, personalization and marketing. 

learn more

AI-powered Data Discovery, "No Fines, No Penalties" Pledge, $11M in funding

Today Osano is launching our AI-powered Data Discovery feature and introducing an industry-first "No Fines, No Penalties" Pledge. In addition, we're announcing $11 million in new funding. 

learn more

French banner consent configuration

In October 2020, the French Data Protection Authority changed its rules on cookies. This feature provides a consent-banner configuration that applies to French users and complies with the DPA's rules. 

Learn More

Nissenbaum Release

The Nissenbaum release includes "Text Customization for Consent Manager." Customers can now customize the language within your cookie pop-up. 

Release also includes "Upload Documents" for vendor monitoring.