Klaro Cookie & Consent Management

Implements the Klaro Consent Manager JavaScript library into Drupal for GDPR-compliant cookie and consent management.

klaro
13,830 sites
45
drupal.org
gui api integration
cookie consent gdpr privacy consent management cookies external content analytics tracking compliance ePrivacy
Drupal 10 Drupal 11

Install

Drupal 11, 10 v3.0.8
composer require 'drupal/klaro:^3.0'

Overview

The Klaro Cookie & Consent Management module integrates the open-source Klaro consent manager JavaScript library into Drupal, providing a comprehensive solution for managing user consent for cookies, external services, and third-party integrations.

The module enables website administrators to configure which external services (such as Google Analytics, YouTube, Facebook, etc.) require user consent before loading. It provides a customizable consent dialog where visitors can grant or decline consent for individual services or groups of services organized by purpose.

Key capabilities include automatic detection and blocking of external resources, contextual consent dialogs for embedded content, cookie management with automatic deletion on consent revocation, and full support for multilingual sites. The module satisfies European privacy regulations including GDPR and the ePrivacy Directive by implementing privacy-by-default principles.

Features

  • Configurable consent/cookie manager dialog for site visitors with multiple display modes (silent, notice, modal)
  • Automatic attribution of external resources including scripts, iframes, images, audio, and video tags
  • Support for over 25 predefined services including YouTube, Vimeo, Google Analytics, Google Tag Manager, Matomo, Facebook, Instagram, TikTok, LinkedIn, and more
  • Purpose-based grouping of services (Analytics, Advertising, CMS, External Content, LiveChat, Security, Styling)
  • Contextual consent dialogs that display inline blocking overlays with thumbnail previews for embedded content
  • Cookie management with configurable deletion rules including regex matching, path, and domain specifications
  • Configurable storage options using either cookies or browser localStorage with customizable expiration
  • URL exclusion and disabling patterns to control Klaro behavior on specific paths
  • Text filter plugin for processing content in text formats
  • Full translation support via Configuration Translation module
  • Customizable styling with theme integration for Olivero, Claro, and Gin admin themes
  • Accessibility features including ARIA labels and keyboard navigation support
  • JavaScript callback code execution for custom integration logic per service
  • Unknown resource detection and logging for identifying uncovered external integrations

Use Cases

Basic GDPR Cookie Consent

Install Klaro, enable the 'Use Klaro! UI' permission for anonymous users, configure dialog_mode to 'notice', enable YouTube and Vimeo services if using embedded videos, and add the 'Analytics' service if using Google Analytics or Matomo. Visitors will see a consent notice and can manage their preferences.

Blocking External Embedded Content

Enable the YouTube, Vimeo, and social media services. Enable 'Process preprocess_field' and 'Process final HTML' in automatic attribution settings. External iframes and embeds will show contextual consent overlays with thumbnails until users accept.

Silent Mode with Contextual Consent Only

Set dialog_mode to 'silent' to disable the consent popup. Users will only see contextual consent dialogs when they encounter blocked external content. Useful for sites that want minimal intrusion while still blocking third-party content.

Strict Consent with Must-Consent Modal

Set dialog_mode to 'manager' for a full consent modal that must be interacted with before browsing. Enable 'Add close button' for compliance in countries requiring a reject option. Configure all services with appropriate purposes.

Detecting Unknown External Resources

Enable 'Log unknown resources' to have Klaro log any external resources without matching services. Review Drupal logs to identify integrations that need service configurations. Optionally enable 'Block unknown external resources' to block all unconfigured external content.

Custom Service Integration

Create a new service for your custom external integration. Add the source URLs/patterns to the 'Sources' field, configure appropriate purposes, add cookie patterns for deletion, and optionally add callback JavaScript code for custom consent handling logic.

Tips

  • Grant the 'Use Klaro! UI' permission to anonymous users - this is required for the consent dialog to appear for visitors
  • YouTube and Vimeo services are enabled by default; review and enable other services as needed for your site
  • Use the 'Log unknown resources' option temporarily to discover external integrations that need service configurations
  • For menu-based consent manager access, add a link with rel="open-consent-manager", href="#klaro", or class="open-consent-manager"
  • The Text Filter can be used for content added through text editors but field-specific preprocessing is preferred
  • When using Matomo, use the matomo_cookies service and add _paq.push(['requireCookieConsent']); to Matomo settings for cookie-only blocking
  • Process final HTML is experimental - test thoroughly as malformed HTML may cause issues
  • The module adds the active theme name as a class (e.g., klaro-theme-gin) for theme-specific styling

Technical Details

Admin Pages 6
Klaro! Settings /admin/config/user-interface/klaro

Main configuration page for the Klaro consent manager. Configure dialog behavior, button options, storage settings, automatic attribution processors, unknown resource handling, and styling options.

Text Settings /admin/config/user-interface/klaro/texts

Configure all text strings displayed in the Klaro consent dialogs. All texts are translatable for multilingual sites.

Services /admin/config/user-interface/klaro/services

Manage Klaro services (applications) that require user consent. Services define which external resources are blocked until consent is given.

Add Service /admin/config/user-interface/klaro/services/add

Create a new Klaro service configuration to manage consent for external integrations.

Purposes /admin/config/user-interface/klaro/purposes

Manage purpose categories for grouping services in the consent manager.

Add Purpose /admin/config/user-interface/klaro/purposes/add

Create a new purpose category for organizing services.

Permissions 2
Administer Klaro!

Allows a user to access any Klaro! settings. Grants access to all Klaro configuration pages.

Use Klaro! UI

Allows users to configure preferences using the Klaro! Consent Manager. Should be granted to anonymous users for the consent dialog to function.

Hooks 3
hook_preprocess_field

Allows modules to preprocess field output. Klaro uses this to automatically decorate iframe, oembed, html, video_embed_field_video, and simple_gmap field formatters.

hook_js_alter

Alters JavaScript files before they are output. Klaro uses this to mark script files for consent-based loading.

hook_page_attachments_alter

Alters page attachments. Klaro uses this to process manually attached JS files based on configured attachment identifiers.

Security Notes 4
  • The 'Administer Klaro!' permission has 'restrict access' set to true and should only be granted to trusted administrators
  • Callback code entered for services is executed as JavaScript - only trusted administrators should configure services
  • The Text Filter should only be enabled for text formats used by trusted content editors
  • XSS filtering is applied to contextual consent text fields allowing only a, em, and strong tags