loading...

Why the GDPR and (Sitecore) device detection won’t work together

alexdhaenens profile image Alex Dhaenens ・2 min read

Mastering the magic (6 Part Series)

1) How make a Sitecore solution GDPR compliant 2) Why the GDPR and (Sitecore) device detection won’t work together 3 ... 4 3) The almighty sitecore Q? 4) Why combining sitecore and salesforce marketing cloud (SFMC) is a great idea 5) How to resize images from the media library with code 6) How to pass rendering parameters from Sitecore to React

As I’ve discussed in of my previous posts of this series, you can make your Sitecore solution GDPR compliant by blocking the analytics cookie and not starting the tracker unless consent was given. And it works great but, as I mentioned in the blogpost, some things won’t work. One of those things is personalization. Which is, as you think about it, quite logical: you aren’t allowed to track users so you can’t personalize (since you don’t have user information).

An attentive reader might say that there are personalization rules which do not require user information, and therefor, they should work. An example of those rules is the device detection rule: where device is of type smartphone. Since this rule uses the User Agent string (sent in the header of every request) it does not require any gathered user information or tracking. But, by not initializing the tracker, it won’t work. The questions are why and how do we make it work?

Why it doesn’t work

It doesn’t work because of two things. Firstly, the whole personalization of rendering is disabled when the tracker isn’t active. This means that no personalization rules are executed at all when the user did not give his consent. The disabling is done by the Personalize processor inside the mvc.customizeRendering pipeline, which is the pipeline that is started before rendering a component. That processor simply checks is the tracker is active and returns before executing the rules.

Secondly because the device detection rule fetches the User Agent string from the active tracker. If the tracker isn’t active, the device can’t be determined, and the rule will not be executed. When the device is being determined a pipeline, called getFallbackUserAgent, is started to determine the User Agent. In that pipeline is a processor, called Sitecore.Analytics.Pipelines.GetFallbackUserAgent.GetUserAgentFromTracker which , as the name suggests, get the User Agent from the tracker.

How to fix it

In order fix the first issue, where all personalization of a rendering is disabled, the checking of the tracker must be removed. This is easily done by creating your own processor which extends from the Sitecore.Mvc.Analytics.Pipelines.Response.CustomizeRendering.Personalize processor like this:

 public class YourProcessor : Sitecore.Mvc.Analytics.Pipelines.Response.CustomizeRendering.Personalize
    {
        public override void Process(CustomizeRenderingArgs args)
        {
            Assert.ArgumentNotNull(args, "args");
            if (args.IsCustomized)
            {
                return;
            }

            Evaluate(args);
        }
    }

And then patching that processor instead of the default one:

  <mvc.customizeRendering>
                <processor type="YourProcessor" patch:instead="processor[@type='Sitecore.Mvc.Analytics.Pipelines.Response.CustomizeRendering.Personalize, Sitecore.Mvc.Analytics']"/>
            </mvc.customizeRendering>

Issue two, where device detection gets the User Agent from the tracker, can be easily fixed by patching the Sitecore.Analytics.Pipelines.GetFallbackUserAgent.GetUserAgentFromTracker processor with a custom one, which should when the tracker is not enabled use the User Agent from the request:

public class CustomProcessor : GetFallbackUserAgentProcessor
    {
        protected override string GetUserAgent()
        {
            if (!XdbSettings.Tracking.Enabled || Tracker.Current?.Session?.Interaction == null)
            {
                return (string)System.Web.HttpContext.Current.Request.UserAgent;
            }

            return Tracker.Current?.Session?.Interaction?.UserAgent;
        }
    }

Which can be patched:

          <getFallbackUserAgent>
            <processor type="CustomProcessor" patch:instead="processor[@type='Sitecore.Analytics.Pipelines.GetFallbackUserAgent.GetUserAgentFromTracker, Sitecore.Analytics']"/>
          </getFallbackUserAgent>

Mastering the magic (6 Part Series)

1) How make a Sitecore solution GDPR compliant 2) Why the GDPR and (Sitecore) device detection won’t work together 3 ... 4 3) The almighty sitecore Q? 4) Why combining sitecore and salesforce marketing cloud (SFMC) is a great idea 5) How to resize images from the media library with code 6) How to pass rendering parameters from Sitecore to React

Posted on by:

alexdhaenens profile

Alex Dhaenens

@alexdhaenens

I'm a full stack software engineer & interested in all engineering things. But I'm really, really, passionate about software

Discussion

markdown guide