Security News
The Dark Side of Open Source
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
@use-cookie-consent/core
Advanced tools
Readme
Headless state management for GDPR cookie consent
2kB
gzipped.
This repo was made to be framework-agnostic, so you can use it in any JavaScript project. If you use a UI library that we support, you should use the package for your library for best experience
This package is following this GDPR cookie guide which describes what you need for GDPR compliance. This hook mainly focuses handling the consent state of the different types of cookies as described in "Types of Cookies" in this page. Summarizing the mentioned document, there are three different ways to classify cookies:
The hook in this repository will provide a way to manage these types of cookies.
Using npm
:
npm i @use-cookie-consent/core
Using yarn
:
yarn add @use-cookie-consent/core
import { useCookieConsent } from '@use-cookie-consent/core';
export const YourComponent = () => {
const { consent, acceptAllCookies, declineAllCookies, acceptCookies } =
useCookieConsent();
return (
<div>
<h3>
{`Third-party cookies ${consent.thirdParty ? 'approved' : 'rejected'}`}
</h3>
<h3>
{`First-party cookies ${consent.firstParty ? 'approved' : 'rejected'}`}
</h3>
<button onClick={acceptAllCookies}>Accept all</button>
<button onClick={() => acceptCookies({ necessary: true, thirdParty: true })}>
Accept third-party
</button>
<button onClick={() => acceptCookies({ necessary: true, firstParty: true })}>
Accept first-party
</button>
<button onClick={declineAllCookies}>Reject all</button>
</div>
);
};
import { useCookieConsent } from '@use-cookie-consent/core';
export const YourComponent = () => {
const { consent, acceptAllCookies, declineAllCookies, acceptCookies } = useCookieConsent({
consentCookieAttributes: { expires: 180 } // 180 days
});
return (
// ...
);
};
Cookie attributes for the underlying js-cookie package, more info here.
useCookieConsent(options)
useCookieConsent
is the main hook in this library. You call it whenever you need to accept, decline, set or get cookies - so anything to do with cookies.
useCookieConsent({
defaultConsent?: CookieConsent,
consentCookieAttributes?: CookieAttributes;
})
This hook function returns following object:
{
consent: {
session?: boolean;
persistent?: boolean;
necessary?: boolean;
preferences?: boolean;
statistics?: boolean;
marketing?: boolean;
firstParty?: boolean;
thirdParty?: boolean;
};
acceptCookies: (cookies: CookieTypes) => void;
declineAllCookies: () => void;
acceptAllCookies: () => void;
didAcceptAll: () => boolean;
didDeclineAll: (opts?: CookieDeclineOptions) => boolean;
cookies: CookieWrapper;
}
CookiesWrapper
API to something that doesn't require a specific dependency (maybe just Storage API step?)If you want to contribute to this project, read our contributing guidelines first.
Following package was used as a starter for this project:
For non-issues please consider joining our Discord here!
FAQs
React hook for managing GDPR cookie consent state.
The npm package @use-cookie-consent/core receives a total of 935 weekly downloads. As such, @use-cookie-consent/core popularity was classified as not popular.
We found that @use-cookie-consent/core demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
Research
Security News
The Socket Research team found this npm package includes code for collecting sensitive developer information, including your operating system username, Git username, and Git email.
Security News
OpenJS is warning of social engineering takeovers targeting open source projects after receiving a credible attempt on the foundation.