Cookies Dropping on HS-Hosted Pages Without Permission

SOLVE
lesliebartels
Contributor

Hi! We're currently using OneTrust to manage our cookies. The OneTrust tag and HubSpot tag are both managed through Google Tag Manager. GTM is configured for all domains hosted by HubSpot through Pages in Settings.

 

Example pages:

https://support.kemet.com/knowledge

https://go.kemet.com/05-2021-webinar-safety-capacitors-emi-preventing-harm 

 

The OneTrust tag is working for all of our domains EXCEPT for domains managed through HubSpot. These pages are still dropping the following unnecessary cookies onto a user's browser regardless of whether they have accepted cookies through the OneTrust banner:

_fbp

__hssc

hubspotutk

__hssrc

__hstc

 

Any thoughts on what I can do from the HubSpot settings menu or through the available Javascript files in our design manager to suppress these cookies until the user formally accepts? (I'm not a dev, so don't know how to use the API approach.)

 

Thanks in advance!

 

0 Upvotes
1 Accepted solution

Accepted Solutions
amwilie
Solution
Key Advisor | Elite Partner

@lesliebartels Just realized it's Hubspot managed pages you're having trouble with. I don't believe there's a way to remove the tracking code from Hubspot pages as it's automatically added. But you could add a trigger in GTM as stated in my previous post to run the following code to revoke consent :

var _hsp = window._hsp = window._hsp || [];
document.getElementById("removeCookies").onclick = function() {
    _hsp.push(['revokeCookieConsent']);
};
border

Alyssa Wilie

Web Developer at LyntonWeb

If this answer solved your question, please mark it as the solution!

View solution in original post

9 Replies 9
dennisedson
Community Manager

Hey @lesliebartels 

Did you make it anywhere with this?  @Kevin-C@Josh , any thoughts?

Thanks,

Dennis




Check out our Community Developer Blog
where we feature our Community driven developer podcast and how to content
0 Upvotes
Kevin-C
Recognized Expert | Partner

Hmm I'm not really sure how to approach this.

I'm curious, does HS drop in the cookies set to false or empty prior to the user accepting or rejecting them?

0 Upvotes
lesliebartels
Contributor

Hey @Kevin-C - How can I tell? Here's what I see when I inspect through the dev tool. This is prior to me accepting cookies: https://www.screencast.com/t/SPtUq6Gs

0 Upvotes
lesliebartels
Contributor

No progress yet, @dennisedson. Thanks for checking in.

0 Upvotes
lesliebartels
Contributor

@dennisedson or @Kevin-C any thoughts? Is this something that I can fix without a dev helping by building something through the API? Thanks!

0 Upvotes
lesliebartels
Contributor

@Kevin-C @dennisedson - can I assume that I need to get developer support (someone who can work with the API) to prevent this issue? Please confirm.

0 Upvotes
dennisedson
Community Manager

@lesliebartels , I believe you would be better off getting a developer to help you navigate this one. 

@Anton might be able to help 😉

Thanks,

Dennis




Check out our Community Developer Blog
where we feature our Community driven developer podcast and how to content
0 Upvotes
amwilie
Key Advisor | Elite Partner

Hey @lesliebartels 

 

Hubspot still tracks things like page views before even identifying the user so if you aren't using the Hubspot cookie policy banner those cookies will be added by the tracking code on page load (stated by an employee in this post).

GTM has variables for reading cookies that you could use to read whatever cookie OneTrust sets for determing consent and then using that variable to trigger the Hubspot tracking code if consent is given. You'd possibly need a developer to set this up but here's a blog post on how tot use cookies in GTM - https://www.analyticsmania.com/post/cookies-with-google-tag-manager/

border

Alyssa Wilie

Web Developer at LyntonWeb

If this answer solved your question, please mark it as the solution!

amwilie
Solution
Key Advisor | Elite Partner

@lesliebartels Just realized it's Hubspot managed pages you're having trouble with. I don't believe there's a way to remove the tracking code from Hubspot pages as it's automatically added. But you could add a trigger in GTM as stated in my previous post to run the following code to revoke consent :

var _hsp = window._hsp = window._hsp || [];
document.getElementById("removeCookies").onclick = function() {
    _hsp.push(['revokeCookieConsent']);
};
border

Alyssa Wilie

Web Developer at LyntonWeb

If this answer solved your question, please mark it as the solution!

View solution in original post