Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat!: Decrease cookie expiration to 5 hours, only set cookie when necessary and only disable cookie if localeCookie: false is set #1487

Merged
merged 7 commits into from
Oct 30, 2024
Merged

feat!: Decrease cookie expiration to 5 hours, only set cookie when necessary and only disable cookie if localeCookie: false is set #1487

merged 7 commits into from
Oct 30, 2024
+179 −83

Conversation

amannn
Copy link
Owner

@amannn amannn commented Oct 29, 2024
edited
Loading

Changes

  1. The maxAge attribute of the locale cookie is decreased from 1 year to 5 hours in order to be GDPR-compliant.
  2. The locale cookie is now only set when the user's language doesn't match a requested locale. E.g. a user with accept-language: 'en' will cause a cookie to be set when /de is requested to remember the preference for de.
  3. localeDetection: false previously ambiguously also disabled the cookie from being set. This is no longer the case. For consistency, you can now use the explicit localeCookie: false option instead.

If you want to increase the cookie expiration, you can use the maxAge attribute to do so:

import {defineRouting} from 'next-intl/routing';
 
export const routing = defineRouting({
  // ...
 
  localeCookie: {
    // Expire in one year
    maxAge: 60 * 60 * 24 * 365
  }
});

Also, in case you relied on NEXT_LOCALE to always be available, please consider reading the locale e.g. via getLocale.

@vercel Vercel
Copy link

vercel bot commented Oct 29, 2024
edited
Loading

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
next-intl-docs ✅ Ready (Inspect) Visit Preview 💬 Add feedback Oct 30, 2024 11:16am
next-intl-example-app-router ✅ Ready (Inspect) Visit Preview 💬 Add feedback Oct 30, 2024 11:16am
next-intl-example-app-router-without-i18n-routing ✅ Ready (Inspect) Visit Preview 💬 Add feedback Oct 30, 2024 11:16am

@amannn amannn changed the title feat!: Decrease cookie expiration to 5 hours and add GDPR docs feat!: Decrease cookie expiration to 5 hours and only disable cookie if localeCookie: false is set Oct 29, 2024
@amannn amannn mentioned this pull request Oct 29, 2024
Draft
7 tasks
@amannn amannn changed the title feat!: Decrease cookie expiration to 5 hours and only disable cookie if localeCookie: false is set feat!: Decrease cookie expiration to 5 hours, only set cookie when necessary and only disable cookie if localeCookie: false is set Oct 29, 2024
@amannn amannn marked this pull request as ready for review October 30, 2024 11:20
@amannn amannn merged commit b4e4d1d into v4 Oct 30, 2024
7 checks passed
@amannn amannn deleted the feat/cookie-gdpr branch October 30, 2024 11:21
amannn
amannn commented Oct 30, 2024
View reviewed changes
docs/src/pages/docs/routing.mdx

Please note that legal requirements may vary by region, so it's advisable to verify them independently. While we strive to keep this information as up-to-date as possible, we cannot guarantee its accuracy.

</Details>
Copy link
Owner Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@jorgebef Would you by chance like to have a look if this matches your understanding?

See rendered version.

Some context: This PR includes a few changes to the cookie handling for next-intl@4 that should make the package GDPR-compliant out of the box.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@amannn