Secure Privacy Support Center

Search for any help questions or topics.

[CMP v1] How does automatic blocking work?

[CMP v1] Secure Privacy's auto-blocking mechanism allows comprehensive control over cookies, plugins, and scripts on your website, offers full-scale website privacy
Andrew Sidorkin
Updated 2 months ago

General working mechanism 

The Secure Privacy Scanner scans your website and identifies all cookies and plugins setting them. You can view a detailed report of your cookies and plugins inside the Scan Report.

Based on the Scan Report, we generate a JavaScript file. This file is unique for each domain. This file has detailed information on what scripts, pixels, and iframes to block. The list is editable and configurable in the dashboard using the Classification screen here - 

You can use this screen to add or remove any custom script that you want to block/unblock. Every time you save this list, the JavaScript file is updated with the latest list of scripts, iframes, and pixels.

NOTE: Automatic Cookie Blocking Secure Privacy will block all cookies except the essential ones from being set until a user has given their consent.

The modes above are as follows:

- v2 is a method of automatic blocking implemented by Secure Privacy. Under this category, the platform blocks all cookies from positioning on a visitor's device with the only exception being those that are considered essential. These typically involve cookies necessary for the websiteโ€™s operation, ensuring they can access and navigate necessary tools. However, beyond essential cookies, the user's consent is required. This means that no other cookie will be able to map itself onto the user's devices without their explicit agreement. This method is an advanced privacy protection tool that prioritizes the user's right to their own data and privacy.

"v1 blocking" represents an older, legacy version of blocking mechanisms. It has been kept intact for compatibility reasons to ensure older systems or platforms can still operate. Nonetheless, it is not recommended for new users at present because it may not offer the same level of rigidity, effectiveness, and sophistication as newer versions. As technology advances, privacy protection tools are constantly evolving, making the former versions like "v1 blocking" type as outdated. 

On the other hand, when the term "disabled" is active, it means that no blocking will take place at all. In this scenario, all cookies and services will be positioned without restriction. This status may be employed for manual blocking kinds where users can pick and choose which cookies or services they wish to allow because no automatic regulation or control is in effect. It's crucial to understand that utilizing this method implies that users are responsible for managing their own privacy and are okay with all cookies or services being positioned until they take steps to do otherwise. This gives the user utmost flexibility, but it also demands a greater responsibility for privacy maintenance.


Secure Privacy Auto-Blocking uses your scan results and cookie categorizations to know what to block. If a cookie has not been detected by the website scanner or is not categorized, it will not be controlled by the auto-blocking script. To ensure a successful implementation of the auto-blocking script, re-scan your site before beginning the implementation and ensure all cookies are categorized.

Technical working mechanism

The way it technically works is that each cookie setting script is identified and saved in a unique JavaScript file. The most 'advanced' JavaScript feature that Secure Privacy uses is MutationObserver, which is compatible with all major browsers as well as IE11. The observers registered with Secure Privacy checks the script loading pattern and blocks them until consent is given.


Blocking mechanism

Pixels - Secure Privacy will automatically block all pixel trackers if the automatic blocking is turned on.
Only upon receiving positive consent from the user, the pixels will be injected into the HTML DOM. For example, a Facebook Pixel will not work until the user accepts the respective consents for it.

Scripts - similar to pixels, Secure Privacy will also block the scripts to be injected inside the HTML DOM. For example, Google Analytics will not be inserted into your HTML until the user provides consent. This can cause a significant drop in your analytics and tracking of users.

Iframes - The list of blocked iframes can be managed using the Iframe tab on the blocking configuration screen. On all the blocked iframes, SP will automatically block and add an overlay showing that the iframe is blocked. This overlay will also contain a message and a button so that the user can consent to that particular iframe.


How to Block a new script, pixel, or iframe using Secure Privacy

In case sometimes you need to block a new script, you can do it easily using the Add Tag Blocking form, where you can specify the type of the script/iframe/pixel that you want to be blocked.

Was this article helpful?
๐Ÿ˜ž ๐Ÿ˜ ๐Ÿ˜ƒ