I came to know even embedding of youTube videos on website are also affected by GDPR law, even for this we need user consent. There is not much i can find on the internet how to make embedding of youtube videos GDPR compliance and how we can take user consent for this.
After digging for few days i found following link which say how we can use
https://foliovision.com/support/fv-wordpress-flowplayer/requests-and-feedback/youtube-and-gdpr
following link from google allow us to use it in no cookie option but is this compliance with GDPR https://www.youtube-nocookie.com/embed/MjZxCbMQmXg
Is there any easy way of getting user consent for all such as third party tools etc.
I'm currently working with a very similar issue.
The solution I have working so far is like this:
Install Cookie Consent Plugin from https://privacypolicies.com/cookie-consent/ and configure it
Wrap Youtube embeds with this sort of PHP:
if (isset($_COOKIE['cookie_consent_level']) &&
$_COOKIE['cookie_consent_level'] == "targeting-cookies") {
// If we are allowed to use targeting cookies,
// include the Youtube/FB/Google code.
print $youtube_embed_code;
print $google_retargeting_code;
print $facebook_pixel_code;
}
What that provides is code load on second page view (within 12 month window). If your default cookie setting is the most liberal, eg targeting-cookies, then all subsequent page views on your site for that visitor will include the appropriate embeds.
I'm close to getting something working on first page load, after approval is sought, but not quite there yet.
This plugin helped: http://wordpress.org/plugins/youtube-embed-plus/
Improved GDPR compliance options: YouTube no cookie, YouTube API restrictions, GDPR consent mode
To see how it works, without having to first download the plugin, I suggest watching this video: https://www.youtube.com/watch?v=lm_HIic6obw
Basically, there's a "preload" message displayed until the site visitor accepts the YouTube.com connection and cookies.
Related
What is the correct way to start using Instagram oEmbed feature? Documentation (https://developers.facebook.com/docs/instagram/oembed/) claims that I have to pass App Review to start using the feature. And application form says Please provide a URL where we can test Oembed Read. Which I don't have because I have no access to the feature.
What I have tried with no success:
I requested instagram_oembed resource with:
app token of application in live mode
app token of application in
development mode
passed URL to a post by official Instagram account
(e.g. https://www.instagram.com/p/CQG4gZxMzzO/)
passed URL to a post
of a user who is Admin of the app
In all cases I receive (#10) To use 'Oembed Read', your use of this endpoint must be reviewed and approved by Facebook. To submit this 'Oembed Read' feature for review please read our documentation on reviewable features: https://developers.facebook.com/docs/apps/review.
Example of the request I do https://graph.facebook.com/v11.0/instagram_oembed?url=https%3A%2F%2Fwww.instagram.com%2Fp%2FCQG4gZxMzzO%2F&access_token=appAccessToken
We're also suffering from this issue, but so far, we thought we already figured out how to do that.
Big picture
Facebook had not sorted this thing out correctly. Or at least, we don't know why they put such a restriction to this API.
The official document is not correct. (or at least not accurate for now, for some part)
Which part was not correct?
The access token part is not right. Or at least, it's the most confusion part.
How can we resolve this?
Use the Graph API Explorer
Adjust your token(App token, Client access token, user token) with the official URLs(see below) to see if you can get the result
most of us should be able to get the result with user access token, which means you have to access this API after login!
Integrate into your app for review
The review page is also confusing:
Please provide a URL where we can test Oembed Read. Include the URL of a page, post or video from our official Facebook or Instagram pages, or the pages themselves., it means you can only use links like https://www.facebook.com/instagram or https://www.facebook.com/facebook
With that in mind, so far, the only way to get approved is integrate your oembed usage into your normal UI with facebook user access token ready
Question to the big picture
So, we have to ask user to login with our facebook app, then we can provide this oembed read API returned embed HTML? I'm afraid that's what we have now.
big companies might be able to apply for App Token, I guess in that scenario, facebook login is not necessary
for small companies, indie developers, hmmm, I don't know any better solutions so far.
I have run into this too. I do not have an answer at this time, I just want to report on the frustrations of their 'app review' process. Which makes it feel like you are unlikely to get it to work any time soon.
We have a custom embed code for our weblog authors to use (a shortcode kind of thing) which does the oEmbed call. We just take the HTML from the resulting JSON, and insert it into the weblog article page, and that is it. It stopped working, presenting this same error - in live mode, and in development mode.
The kicker is, I then tried submitting it for app review. Filled out everything I could to the best of my knowledge. Provided them a test account and post on our weblog to show the shortcode editing and expected placement. We got rejected. Why? Your embedding resulted in an error, we can't see it in action to approve you.
Yes. The error I am getting is that I need my 'app' to be reviewed and approved.
This is an infuriating process. This is the only Facebook / Instagram API feature we use at this point. No user data. No attempt to make an Instagram clone app or anything like that. Just an embed.
And they are making this simple use case as impossible to use as they can. And the documentation also feels like an infinite loop. They say users of the old Instagram embed call have until September 7 2021 to get approved. But the call does not work at all because we are not approved. So we cannot get approved.
Same loop here. I've managed to report it to Facebook team and get answer "Just submit your Instagram post URL"! I can't believe it, its can't be so simple. I've confirmed it few times with Facebook team person and.... get rejected!
Also, second form in App Review process will LOWERCASE all of your links and I've spent few days just to explain it to reviewers and support person. Still rejected after submitting proper url. This is insane.
My another attempt was about to build a test page where I can auth via Facebook account, parse connected Instagram accounts and GET embed endpoint with user access key in hope that reviewer HAS access to oembed feature - REJECTED. I can't even find what permission I need to add to auth URL to obtain oembed thing.
Will update my answer with new information later.
UPDATE: After reporting about the issue with lowercase URL in submission form they just APPROVED my app without APP REVIEW. Well... Facebook style...
I had exactly the same problem recently. Updated the packages with compose, changed the API version from 10 to 11... without any change.
The error was also occurring in development mode, it didn't make sense that Facebook was asking to approve in dev mode.
For me, the problem came from the management of scopes in my application, depending on the version of the Facebook API used.
My advice: check the scopes defined with API version in your code first.
I had the same issue and the solution is very simple. The only thing you need to do is copy paste an instagram url in the input field saying: Please provide a URL where we can test Oembed Read.
I did the this link: https://www.instagram.com/p/G/
Which is actually the first instagram post :) Got approved. Hope this helps everybody!
We just started an advertisement with Facebook and are curious if there is a way to track who has visited our website by clicking our website link on our Facebook page? I am very pleased with all of the ways to track the performance of our ad on Facebook and want to see if people are not only 'liking' our page, but visiting our website to learn more about us. Any information would be helpful :)
This is our website if you need to look into it further:
http://drkennethlevine.webs.com/
I don't know how much you can change about your website or how it is built. However there is a way to track where the users who visited your page from. Use the http reffer field.
In php (and probably in most other languages) you can get the refer link by using
$_SERVER['HTTP_REFERER'];
The refer field contains the last page visited by the user.
Simply count the number of users that are surfing from your facebook page to your website.
You can use $_SERVER['HTTP_REFERER']; as mentioned by #fake, or simply use Google Analytics, which will provide you a lot of statistics for free, including referers, stats by browsers, countries...
All you have to do is create a GA account, and link your website to your account (you'll have a few javascript lines to add in your footer for it)
This issue is very common in stackoverflow, and there's a lot of different questions and answers about it, yet I couldn't find exactly what I need.
First, I'd like to define exactly what I need: the option to let users log in to my app using their Facebook credentials. The app will save a matching classic Django user. I will only need to use the user's profile picture and to make sure that each time the same Facebook user will be related to the matching Django user.
Unfortunately, I find it really frustrating to implement for the following reasons:
By now, after reading a lot, I couldn't find out what is the best package for this task.
Some people recommend django-social-auth and praise its functionality and documentation. Personally, I don't understand why, since it's not specifically for Facebook and there are no explanations about the client side, i.e the Facebook login button and how the whole flow works.
When you go to Facebook developers, you suddenly find yourself reading about some magical javascript sdk, and about a promise that that's all you need. Then you get frustrated again and can't understand how a client side related sdk can sign up users to your app.
I know developers somehow implement Facebook auth packages in their apps, but I just can't figure out how to do it.
If anyone could tell me: at this time point, what is the best way to add Facebook authentication to my Django app? I would also ask for detailed documentation / tutorial that explains how to log in a Facebook user, from settings and configuration level through signup to Django app and to client side code.
There are multiple ways to approach the problem, what is the "best" way is really subjective.
Subjectively speaking, you could opt for django-allauth. Here are a few pointers to help you get started:
If you want to keep the signup simple, set SOCIALACCOUNT_AUTO_SIGNUP to True in order to achieve a "no questions asked" login. Users simply approve the FB dialog and they end up logged in in your site right away.
Adding a login button to your template is merely a matter of:
Sign In
The app offers support for the JS SDK login (pro: users are accustomed to the typical FB popup that appears), or you can use your own OAuth flow. Whatever you please.
The fastest way understand FB's Oauth 2.0 flow is to play with FB's Javascript SDK. Once you get the hang of it, the FB's PHP library is similar. Also, other OAuth sites like Google, Twitter or Dropbox have almost identical implementation.
In baby steps:
Learn how to install FB Javascript SDK onto a simple page
Use FB.login to determine login status and obtain the login url.
Lastly, use FB.Event.Subscribe and subscribe to auth.statusChange to detect the login/logout changes.
Also, good to check out https://developers.facebook.com/roadmap/ on the upcoming features or features being removed.
django-social-auth is not just for Facebook, but that doesn't mean you should use all the backends available.
Project documentation is at http://django-social-auth.readthedocs.org/en/latest/index.html and Facebook backend details at http://django-social-auth.readthedocs.org/en/latest/backends/facebook.html.
Update: I have split my original question into two to let each one be more cohesive.
According to EU Article 5(3) of the E-Privacy Directive (a.k.a 'The Cookie Laws'), web sites that target EU users have to gain opt-in consent from users before they set a cookie.
See ICO Guidence
I am trying to square this with Google Adsense on my web site.
I would imagine that Google Adsense can serve ads without having to set cookies.
However, I cannot find any info on this (on the Google sites/settings panels) about how to relay information about the 'state of consent' back to Google during a page request. So, my only option seems to be that I should not embed Google tag code at all if the user has not explicitly given consent. Which seems a bit drastic.
Letting my serverside script set a 'hasConsentedToCookies=FALSE' flag in the JavaScript tags would allow me to instruct Google's services to run in a gracefully degraded fashion.
Is there a setting on Google Adsense to suppress use of cookies
for users that have not yet given consent?
If so, where can I find info on this?
No, there isn't a setting in Google AdSense. Google actually just released a note about changes to the consent policy in July 2015 pointing you to a Google site called Cookie Choices, which has information about EU consent as well as links to third party solutions for managing cookie consent functionality on your sites.
So the short answer is that you need to explore the third party tools and choose the one that best addresses your particular case.
I recently put a django project of mine into its beta stages and would really like to integrate more with social media, particularly facebook.
Now there are so many facebook integrations out there... I don't know where to start but, I'll tell you what I am after.
My sites publishes content with photos and also user related data (which site doesn't)
on each individual page I already have a facebook like button that basically has the absolute url of that page
so for instance:
http://my-site.com/url-1
http://my-site.com/url-345345
http://my-site.com/url-456456456
When a user likes this particular url I would like them to become a Fan on my facebook site/page as well.
I also added the FB opengraph tool which is a bit more informative once a user likes it. But it still does not publish any statistics to my page.
Can someone give me a bit of an understanding on what the best option is for this type of integration?
As a security option for the user, Facebook has never allowed third party access to "become a fan."
If you want to record locally when someone presses the "Like" button, you'll have to implement it locally (copy the presentation, and query Facebook yourself), so you can intercept the event. I've done that; it's not too hard.
I suggest you review the Connect Terms of Service to see what it is you're allowed to do: http://developers.facebook.com/policy/