• Maruf

    (@marufhandldigital)


    Does WPConsent support server-side WP Consent API? wp_has_consent() returns true pre-consent

    Environment:

    • WPConsent (Cookies Banner & Privacy Suite): 1.1.7
    • WP Consent API: 2.0.1
    • Consent model: opt-in
    • WordPress, PHP 7.3+

    I’m trying to gate cookies server-side (PHP) using the WP Consent API while WPConsent is active in opt-in mode, and the server-side consent check reports consent as granted before the visitor has accepted anything.

    On a fresh visit with no consent given:

    • wp_get_consent_type() returns “” (empty)
    • wp_has_consent('marketing') returns true
    • No wp_consent_marketing cookie exists at all

    Client-side, everything looks correct on the same page load: window.wp_consent_type is “optin” and the JS wp_has_consent(‘marketing’) returns false before consent. It’s only the server side where the type is empty and consent comes back as granted.

    How to reproduce — drop this into a plugin or the theme’s functions.php:

    add_action( 'wp_footer', function () { printf( '<script>console.log("CONSENT_DEBUG", %s);</script>', wp_json_encode( array( 'wp_get_consent_type' => function_exists( 'wp_get_consent_type' ) ? wp_get_consent_type() : 'missing', 'wp_has_consent_marketing' => function_exists( 'wp_has_consent' ) ? wp_has_consent( 'marketing' ) : 'missing', 'wp_consent_marketing_cookie' => isset( $_COOKIE['wp_consent_marketing'] ) ? $_COOKIE['wp_consent_marketing'] : null, ) ) ); } );

    Load the site in a fresh incognito window (no consent given) and check the console.

    Observed output:

    CONSENT_DEBUG { "wp_get_consent_type": "", "wp_has_consent_marketing": true, "wp_consent_marketing_cookie": null }

    Expected (opt-in, before consent):

    wp_get_consent_type = "optin" wp_has_consent(...) = false

    Why this matters: any plugin that sets cookies in PHP and checks wp_has_consent() before doing so will set them before consent, because the API reports consent as granted. WPConsent’s client-side script blocking can’t stop cookies that PHP sets during the request, so they end up loading before consent.

    Questions:

    1. With WPConsent active, why does wp_get_consent_type() return empty in PHP? Should it not report optin server-side the way it does client-side?
    2. Because the type is empty, wp_has_consent(‘marketing’) returns true before the visitor consents. Is server-side wp_has_consent() meant to be usable with WPConsent, or is consent enforced client-side only?
    3. If server-side is supported, is there a setting we’re missing to make wp_get_consent_type() / wp_has_consent() reflect consent state in PHP?

    Thanks for any clarification!

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Author Mircea Sandu

    (@gripgrip)

    Hi @marufhandldigital,

    Thank you for reaching out and sharing the detailed explanation. It looks like this is an issue on our end and we will fix this in the next release to set the consent type default based on the WPConsent settings.

    Please let me know if you would like us to send you a small code snippet to hook up the default consent type to the WPConsent settings before that update goes out so that you can continue using the plugin.

    Thread Starter Maruf

    (@marufhandldigital)

    Hi @gripgrip ,

    Thanks for confirming! No worries, we can wait for the next release, so we won’t need the patch snippet for now.

    Just for some context, I’m from the UTM Grabber team. One of our customers was trying to use WPConsent with UTM Grabber through the WP Consent API, which is how we came across the issue. We’re also working on a native WPConsent integration for our next release instead of relying on the WP Consent API.

    Once the integration is live, it could also be nice to put together a small joint blog post around using WPConsent with UTM Grabber. I think it could be useful for users of both plugins.

    Really appreciate you looking into this and getting the fix included. Looking forward to the next release!

Viewing 2 replies - 1 through 2 (of 2 total)

You must be logged in to reply to this topic.