Since Smartsite iXperion 1.4b9, the Smartsite Publication Server comes with support for cookie regulation, such as the new Dutch Cookie Law (5 June 2012).

Channel Setting

To enable the Cookie Policy enforcement for a channel, set the "Enable cookie policy" flag in the channel:

Smartlet

Next, add the sml_CookiePolicy() Smartlet to your homepages. This Smartlet will present a list of Cookie Usage groups to accept.

These groups are:

• Strictly necessary cookies (NECESSARY)
  These cookies are strictly necessary to enable you to move about the site or to provide certain features you have requested.
• Functionality cookies (FUNCTIONAL)
  These cookies enhance the functionality of website by storing your preferences.
• Performance cookies (PERFORMANCE)
  These cookies help to improve the performance of the website, providing a better user experience.
• Online behavioral advertising cookies (BEHAVIOR)
  These cookies are used to tailor the advertising to each user.
• Unknown cookies (UNKNOWN)
  Cookies that have not been registered

The visitor can then choose to reject all categories except Strictly necessary cookies.

Smartsite will then test all cookie reads and writes according to the visitor's choice of accepted groups, and ignore reads and writes in rejected categories.

The sml_CookiePolicy() Smartlet has a show property you can use to specify how it presents itself.

Modes are:

• banner
  Shows a banner indicating the user should apply a policy if not yet set (only shown if no policy was chosen by the user yet)
• always
  Always shows the list with the current policy (or the defaults). This mode can be used for existing users to change their policy.

Registering cookies

Cookies are registered using the Cookie Policy Manager. By default, known cookies written by ASP.NET, Smartsite and add-on modules are already registered. Your sites may however use a number of custom cookies that will have to be registered as well.

To do this, you can use Smartsite logging (category: CookiePolicy). Any 'misses' (non-registered cookies) are logged by the cookie policy system, and the defaultEnabled property of the 'UNKNOWN' cookie group applies here.

Good practice when applying Cookie Policy to your site is to watch for 'CookiePolicy' log writes for a while, then adding the collected cookies.