Google Adsense GDRP prompt doesn't show correctly

After implementing Googles required GDRP prompt, your users might not see it correctly
Google Adsense GDRP prompt doesn't show correctly

The issue

Background

To meet with new GDPR requirements, EU (EEA anf UK) resident's needs to consent to seeing advertisements starting early 2024 or ads will not be displayed in those regions

20230830_1001_64eed2fc902f2.webp

If you're using Google Adsense, you'll most likely end up implement Google's own EU prompt (GDPR). Otherwise you'll need to either use a Google Certified CMP or stop serving ads to EU users

Google also offer CPRA (California, USA), LGPD (Brazil) and Ad blocking recovery (message if adblocker is detected)

Cause

If you're using CSP (Content Security Policy) and especially if you set it up to be strict, there's a big chance not all URL have been added to the allow list

20230830_1001_64eed61c2de87.webp

Once we implemented the GDRP notice ourselves, we saw in the browsers DevTools that below URL's where flagged as "Refused to load the ..."

- https://fonts.googleapis.com [style-scr] - https://lh3.googleusercontent.com [img-src] - https://fonts.gstatic.com [font-src]

Solution

Add missing CSP rules

In nginx (our example will be based on) or apache, you'll need to add these additional URL's to the except list

Open up the config where you have your CSP rules, it's normaly in either nginx.conf or conf.d/yoursite.conf, if you have a site specific config

Here you need to add the URL that was listed in DevTools with "Refused to load the ...", for us that were three URLS and they need to be added to the area they are needed in

add_header Content-Security-Policy "default-src 'self'; style-src https://*.googleapis.com; img-src 'self' https://*.googleusercontent.com; font-src https://*.gstatic.com;

You probably have lots of rules in here already, so all we need to do is just add the missing URLs to the correct area

Reload nginx/apache

After you have adjusted the config, it's important that you reload nginx/apache for the changes to take affect

nginx in CentOS

sudo systemctl reload nginx

Command can vary slight depending what operating system you're running. If in doubt, please reference your system

Loads correctly

20230830_1001_64eed659df26d.webp

Now the GDRP message should be displayed correctly

Should you still have issues, verify DevTools that you didn't miss anything and that nginx/apache was reloaded

Ad blocking recovery

Once you're add the GDPR message, you might be tempted to also add Ad blocking recovery. We did and found out this also add an additional URL we need to exempt in CSP

- https://fundingchoicesmessages.google.com

We sometimes publish affiliate links and these always needs to follow our editorial policy, for more information check out our affiliate link policy

You might also like

Waking up during the night to pee could mean you're peeing wrong
Health

Waking up during the night to pee could mean you're peeing wrong

Comments

Sign up or Login to post a comment

There are no comments, be the first to comment.