My opinion is that politicians shouldn't mess with things they don't know anything about, like this internet thing.
You see, the intent is right (protecting the end user from privacy issues relating to third party cookies and beacons tracking their every online move), but right now they are only making our job harder for zero gain to the people supposed to benefit. Actually, we're now starting to throw popups, scary tech lingo and (commonly) ugly banners at users. How does that help anyone?
Anyway. This site uses one cookie to help the server know who you are to prevent authorizations and personal data from getting mixed up between users. I also track your every move on my website using Google Analytics and Gauges, which each set a few cookies of their own to see if you are new or have been here before. The collected data is aggregated before made visible on the respective sites: I cannot see what pages you specifically looked at, just what pages are being looked at and (again: aggregated) entrance/exit paths within the site. This data helps me figure out what people want to read and over time will increase your experience on my site.
If you do not approve of these cookies, please use your browser to disable cookies all together or browse in private mode. Or don't visit again, though I would hate to see you leave.
Still here? Awesome! Now I can tell you a bit about Cookies in MODX.
Cookies in MODX Revolution
Out of the box, MODX sets one (1) cookie, by default called "PHPSESSID", which, as the name might indicate, has to do with sessions. Specifically, it sets a session ID/hash which relates to a row in the sessions table. By doing this, the system knows in a simple way who you are, allowing you to stay logged in among other things.
In other words, it's an essential cookie that the infrastructure depends on. To my knowledge, that is a cookie which is allowed without asking for consent, at least in the Netherlands and the UK! If you absolutely don't want this cookie, you can change the MODX Session Handler to use the server default. In that case it could be the server that sets a session cookie, though.
If you want to follow this crazy law anyway, I would advise using Silktide's Cookie Consent plugin. It's free, looks good and they offer a sweet wizard to get the code set up.
Disclaimer: I am not a lawyer and while I hope this page is helpful to you, consult your favorite lawyers office if you want to comply to the law. I'm not responsible for your (lack of) action(s) following this post.
What's your favorite cookie flavor? Share it with the world in the comments section below.