Initial public release of COOKR CORE.<\/p>"},"ratings":[],"assets_icons":{"icon-128x128.png":{"filename":"icon-128x128.png","revision":3554198,"resolution":"128x128","location":"assets","locale":"","width":128,"height":128},"icon-256x256.png":{"filename":"icon-256x256.png","revision":3554198,"resolution":"256x256","location":"assets","locale":"","width":256,"height":256}},"assets_banners":{"banner-1544x500.png":{"filename":"banner-1544x500.png","revision":3554078,"resolution":"1544x500","location":"assets","locale":"","width":2081,"height":756},"banner-772x250.png":{"filename":"banner-772x250.png","revision":3554078,"resolution":"772x250","location":"assets","locale":"","width":2203,"height":714}},"assets_blueprints":{},"all_blocks":[],"tagged_versions":["1.9.8","1.9.9"],"block_files":[],"assets_screenshots":{"screenshot-1.png":{"filename":"screenshot-1.png","revision":3554110,"resolution":"1","location":"assets","locale":"","width":1200,"height":601},"screenshot-2.png":{"filename":"screenshot-2.png","revision":3554110,"resolution":"2","location":"assets","locale":"","width":1200,"height":693},"screenshot-3.png":{"filename":"screenshot-3.png","revision":3554110,"resolution":"3","location":"assets","locale":"","width":1200,"height":710},"screenshot-4.png":{"filename":"screenshot-4.png","revision":3554110,"resolution":"4","location":"assets","locale":"","width":1200,"height":669},"screenshot-5.png":{"filename":"screenshot-5.png","revision":3554110,"resolution":"5","location":"assets","locale":"","width":525,"height":828},"screenshot-6.png":{"filename":"screenshot-6.png","revision":3554110,"resolution":"6","location":"assets","locale":"","width":525,"height":683},"screenshot-7.png":{"filename":"screenshot-7.png","revision":3554110,"resolution":"7","location":"assets","locale":"","width":525,"height":853}},"screenshots":{"1":"COOKR admin interface with live banner preview","2":"Consent banner \u2014 default view","3":"Consent preferences panel with granular category toggles","4":"Runtime Inspector debug panel"}},"plugin_section":[],"plugin_tags":[14361,20011,389,131785,396],"plugin_category":[54],"plugin_contributors":[264974],"plugin_business_model":[],"class_list":["post-318207","plugin","type-plugin","status-publish","hentry","plugin_tags-compliance","plugin_tags-consent","plugin_tags-cookies","plugin_tags-gdpr","plugin_tags-privacy","plugin_category-security-and-spam-protection","plugin_contributors-danjed","plugin_committers-danjed"],"banners":{"banner":"https:\/\/ps.w.org\/cookr-cookie-consent-script-blocking\/assets\/banner-772x250.png?rev=3554078","banner_2x":"https:\/\/ps.w.org\/cookr-cookie-consent-script-blocking\/assets\/banner-1544x500.png?rev=3554078","banner_rtl":false,"banner_2x_rtl":false},"icons":{"svg":false,"icon":"https:\/\/ps.w.org\/cookr-cookie-consent-script-blocking\/assets\/icon-128x128.png?rev=3554198","icon_2x":"https:\/\/ps.w.org\/cookr-cookie-consent-script-blocking\/assets\/icon-256x256.png?rev=3554198","generated":false},"screenshots":[{"src":"https:\/\/ps.w.org\/cookr-cookie-consent-script-blocking\/assets\/screenshot-1.png?rev=3554110","caption":"COOKR admin interface with live banner preview"},{"src":"https:\/\/ps.w.org\/cookr-cookie-consent-script-blocking\/assets\/screenshot-2.png?rev=3554110","caption":"Consent banner \u2014 default view"},{"src":"https:\/\/ps.w.org\/cookr-cookie-consent-script-blocking\/assets\/screenshot-3.png?rev=3554110","caption":"Consent preferences panel with granular category toggles"},{"src":"https:\/\/ps.w.org\/cookr-cookie-consent-script-blocking\/assets\/screenshot-4.png?rev=3554110","caption":"Runtime Inspector debug panel"},{"src":"https:\/\/ps.w.org\/cookr-cookie-consent-script-blocking\/assets\/screenshot-5.png?rev=3554110","caption":""},{"src":"https:\/\/ps.w.org\/cookr-cookie-consent-script-blocking\/assets\/screenshot-6.png?rev=3554110","caption":""},{"src":"https:\/\/ps.w.org\/cookr-cookie-consent-script-blocking\/assets\/screenshot-7.png?rev=3554110","caption":""}],"raw_content":"\n
Most consent plugins operate at the UI layer.<\/p>\n\n
COOKR operates at the runtime layer.<\/p>\n\n
Scripts are intercepted server-side before the browser receives them. Third-party services requiring consent are neutralized before execution and restored only after consent has been granted.<\/p>\n\n
No external consent cloud. No proxy layer. No visitor data leaving your site.<\/p>\n\n
COOKR CORE includes:<\/p>\n\n
window.cookrConsent<\/code>)<\/li>\n- Self-hosted operation \u2014 no external services required<\/li>\n<\/ul>\n\n
COOKR is designed for developers, agencies, and privacy-conscious site operators who want operational visibility into what actually executes at runtime.<\/p>\n\n
Runtime-first<\/h4>\n\n
Traditional consent tools often rely on JavaScript execution order and client-side conditions. Scripts may already execute before consent logic initializes.<\/p>\n\n
COOKR intercepts scripts in the PHP output buffer using WP_HTML_Tag_Processor<\/code> before delivery to the browser.<\/p>\n\nThere is no race condition.<\/p>\n\n
Auto-Blocker<\/h4>\n\n
Enable in Settings. Off by default.<\/p>\n\n
When enabled, COOKR rewrites matching script tags and iframe tags server-side \u2014 setting type=\"text\/plain\"<\/code> and preserving original attributes in data-cookr-*<\/code> attributes for restoration after consent.<\/p>\n\nTest after enabling when using WP Rocket, LiteSpeed Cache, NitroPack, or Cloudflare Rocket Loader.<\/p>\n\n
Runtime Inspector<\/h4>\n\n
The Runtime Inspector exposes third-party runtime activity directly in the browser \u2014 blocked scripts, restored services, iframe activity, detected domains.<\/p>\n\n
Enable in Settings. Append ?cookr_debug=1<\/code> to any frontend URL while logged in as administrator.<\/p>\n\nCSP-aware<\/h4>\n\n
COOKR supports strict Content Security Policies without requiring unsafe-inline<\/code>.<\/p>\n\nRestored scripts preserve CSP integrity via automatic nonce propagation. COOKR reads the nonce WordPress assigns to enqueued scripts at request time and passes it to restored scripts \u2014 no manual configuration required.<\/p>\n\n
Developer JS API<\/h4>\n\ncookrConsent.has('analytics')\ncookrConsent.require('marketing', callback)\ncookrConsent.whenConsented('analytics').then(fn)\ncookrConsent.on('consent' | 'change' | 'decline' | 'reset', handler)\ncookrConsent.off(event, handler)\ncookrConsent.getConsent()\ncookrConsent.getExpiry()\ncookrConsent.categories()\ncookrConsent.reset()\n<\/code><\/pre>\n\nConsent Categories<\/h4>\n\n\n- Necessary<\/strong> \u2014 Always active.<\/li>\n
- Analytics<\/strong> \u2014 GA, GTM, Matomo, Hotjar, Clarity, etc.<\/li>\n
- Marketing<\/strong> \u2014 Meta Pixel, Google Ads, TikTok, LinkedIn, etc.<\/li>\n
- External Media<\/strong> \u2014 YouTube, Vimeo, Google Maps, etc.<\/li>\n<\/ul>\n\n
Does COOKR require an external cloud service?<\/h4>\n\n
No. COOKR runs entirely on your WordPress installation.<\/p>\n\n
Does visitor consent data leave the server?<\/h4>\n\n
No. Consent data is stored locally on your site.<\/p>\n\n
Is the Auto-Blocker enabled by default?<\/h4>\n\n
No. Enable and test it after installation, particularly when using caching or JavaScript optimization plugins.<\/p>\n\n
Which services can be blocked?<\/h4>\n\n
Any third-party script or iframe matching configured domains. Examples: Google Tag Manager, Meta Pixel, YouTube embeds, TikTok Analytics.<\/p>\n\n
Does COOKR support Google Consent Mode v2?<\/h4>\n\n
Yes. Enable in settings when using GTM or GA4.<\/p>\n\n
How do I inspect runtime activity?<\/h4>\n\n
Enable the Runtime Inspector in settings and append ?cookr_debug=1<\/code> to any frontend URL while logged in as administrator.<\/p>\n\nDoes COOKR store personal data?<\/h4>\n\n
The consent log stores a hashed IP (not the raw IP address), consent choices, and a timestamp. Raw IP addresses are never written to the database.<\/p>\n\n
Is COOKR compatible with strict CSP?<\/h4>\n\n
Yes. COOKR automatically reads the nonce WordPress assigns to enqueued scripts and passes it to restored scripts, preserving compatibility with strict-dynamic<\/code> CSP policies. No manual configuration is required.<\/p>\n\nWhat WordPress version is required?<\/h4>\n\n
WordPress 6.2 or higher. COOKR uses WP_HTML_Tag_Processor<\/code> for safe, attribute-aware script rewriting, introduced in WP 6.2.<\/p>\n\nExternal Services<\/h3>\n\n
This plugin does not connect to any external service by default.<\/p>\n\n
The auto-blocker contains a built-in list of known third-party domains (such as googletagmanager.com, connect.facebook.net, maps.googleapis.com, etc.) that is used purely as a local reference to identify and block scripts before consent. No data is sent to these domains by this plugin \u2014 the list is pattern-matching data stored locally in the plugin code.<\/p>\n\n\n
1.9.9<\/h4>\n\n\n- Added close\/dismiss control to preferences panel without changing stored consent<\/li>\n
- Fixed Escape key behaviour \u2014 existing consent is not overwritten when closing preferences<\/li>\n
- Hardened COOKR configuration output against JavaScript optimization and combination plugins<\/li>\n
- Added automatic compatibility exclusions for LiteSpeed Cache, WP Rocket, and FlyingPress<\/li>\n<\/ul>\n\n
1.9.8<\/h4>\n\n\n- Fixed accent colour not persisting in admin preview after page reload<\/li>\n
- Fixed iframe placeholder elements not inheriting accent colour on frontend<\/li>\n
- Fixed runtime inspector debug URL visibility after enabling inspector<\/li>\n
- Text domain corrected to match plugin slug<\/li>\n
- Restored original runtime inspector debug panel (cookr-debug.js)<\/li>\n<\/ul>\n\n
1.9.6<\/h4>\n\n\n- Compliance improvements for WP.org review<\/li>\n
- Removed generic CDN entries from auto-blocker allowlist<\/li>\n
- Export uses explicit allowlist for safe settings only<\/li>\n
- Build tooling improvements<\/li>\n<\/ul>\n\n
1.9.2<\/h4>\n\n\n- Initial public CORE release<\/li>\n
- 3\u00d73 visual position picker replaces dropdown<\/li>\n
- Accent colour now applies to banner icon and buttons in preview<\/li>\n
- Auto-Blocker wording updated \u2014 recommended framing, test-after-enable guidance<\/li>\n
- Runtime Inspector enabled by default<\/li>\n
- Preserve data on uninstall enabled by default<\/li>\n
- Consent log default retention reduced to 100 entries<\/li>\n<\/ul>\n\n
1.8.2<\/h4>\n\n\n- Added: Runtime Inspector \u2014 detects unknown third-party script and iframe domains at runtime<\/li>\n
- Added: Persistent findings stored per domain (first seen, last seen, page count)<\/li>\n
- Added: Runtime Inspector toggle with configurable auto-disable duration<\/li>\n<\/ul>\n\n
1.2.0<\/h4>\n\n\n- Added: Google Consent Mode v2<\/li>\n
- Added: debug inspector<\/li>\n
- Added: browser chrome preview in admin dashboard<\/li>\n<\/ul>\n\n
1.1.0<\/h4>\n\n\n- Plugin renamed from GDPR Cookie Consent to COOKR<\/li>\n
- Added: WP_HTML_Tag_Processor for safe, attribute-aware script rewriting<\/li>\n
- Added: CSP nonce propagation<\/li>\n<\/ul>\n\n
1.0.0<\/h4>\n\n\n- Initial release<\/li>\n<\/ul>","raw_excerpt":"Runtime-first consent infrastructure for WordPress. Self-hosted. No external consent cloud.","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/he.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin\/318207","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/he.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin"}],"about":[{"href":"https:\/\/he.wordpress.org\/plugins\/wp-json\/wp\/v2\/types\/plugin"}],"replies":[{"embeddable":true,"href":"https:\/\/he.wordpress.org\/plugins\/wp-json\/wp\/v2\/comments?post=318207"}],"author":[{"embeddable":true,"href":"https:\/\/he.wordpress.org\/plugins\/wp-json\/wporg\/v1\/users\/danjed"}],"wp:attachment":[{"href":"https:\/\/he.wordpress.org\/plugins\/wp-json\/wp\/v2\/media?parent=318207"}],"wp:term":[{"taxonomy":"plugin_section","embeddable":true,"href":"https:\/\/he.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_section?post=318207"},{"taxonomy":"plugin_tags","embeddable":true,"href":"https:\/\/he.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_tags?post=318207"},{"taxonomy":"plugin_category","embeddable":true,"href":"https:\/\/he.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_category?post=318207"},{"taxonomy":"plugin_contributors","embeddable":true,"href":"https:\/\/he.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_contributors?post=318207"},{"taxonomy":"plugin_business_model","embeddable":true,"href":"https:\/\/he.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_business_model?post=318207"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}