CookieHub 2.9
CookieHub 2.9 is a major foundation update for the CookieHub widget. Much of the underlying widget architecture has been modernized and made more modular, while keeping the existing user interface and implementation flow unchanged.
The update improves consent logging, session reporting, region detection, hostname validation, Global Privacy Control handling, privacy framework support, and widget styling.
What’s new
Modernized widget architecture
CookieHub 2.9 introduces a more modular widget architecture and a new event broker for consent lifecycle events.
These internal changes make the widget easier to maintain and extend, while keeping the current user interface and existing implementation flow unchanged.
Improved consent logging and session reporting
Consent logging now uses updated backend infrastructure while keeping the existing consent logging functionality in place.
The update links consent actions more consistently with session data. This makes session reporting and consent rate reporting more accurate, especially for returning visitors and cases where visitors interact with the banner and then leave the website shortly afterwards.
These improvements allow CookieHub to show improved consent rate reports in the dashboard.
Right-to-left language support
The CookieHub widget now supports right-to-left layouts for Arabic, Hebrew, Persian, and Urdu.
Global Privacy Control support for California
CookieHub 2.9 adds support for the updated California requirement to acknowledge Global Privacy Control (GPC) signals.
When a visitor in California has GPC enabled, CookieHub acknowledges the signal instead of showing the default consent dialog. The preference center confirms that the opt-out signal was received and honored.
GPC-triggered opt-outs are also recorded in consent logs.
Hostname validation
CookieHub now includes hostname validation to help prevent the wrong CookieHub domain code from being used on a website.
Previously, if the wrong domain code was installed, the banner could still appear, but consent might not persist correctly because the configuration did not match the website where it was running. This could cause the banner to reappear or behave unexpectedly.
With CookieHub 2.9, the widget does not show the consent dialog when the domain code does not match the current hostname. This makes configuration mistakes easier to detect and avoids showing visitors a banner that cannot persist consent correctly.
New event system
CookieHub now includes an event system for programmatic integrations.
This allows custom code, single-page applications, and app platforms to subscribe to consent lifecycle events and react when consent is loaded, changed, or submitted.
Secure cookie setting
A new Secure cookie setting has been added for the CookieHub consent cookie.
Available modes:
- Off: current behavior. The Secure attribute is not added.
- Auto: the Secure attribute is added when the page is served over HTTPS.
- Force: the Secure attribute is always added.
For most production websites served over HTTPS, Auto is the recommended option.
Privacy framework updates
CookieHub 2.9 includes updates and fixes for Google Consent Mode, IAB GPP, IAB TCF, and Google’s Additional Consent.
Changes include:
- Updated Google Consent Mode region mappings for expanded US state coverage.
- Added the MSPA covered-transaction flag to IAB GPP US Privacy signals.
- Recorded GPC-triggered opt-outs in consent logs.
- Fixed duplicate disclosed vendors in Google’s Additional Consent.
- Removed stale vendor entries from Google’s Additional Consent.
- Added vendor privacy policy links when the preference center is configured to show services.
Improved Content Security Policy compatibility
Widget theming now uses CSS custom properties instead of an inline style tag.
This improves compatibility with websites that use stricter Content Security Policy rules and avoids requiring inline styles for standard widget theming.
Other improvements and fixes
CookieHub 2.9 also includes the following improvements:
- Consent timestamps in the preference center now use the visitor’s browser time zone.
- Added translations for the “all allowed” and “all denied” consent states.
- Fixed language switching so the interface reloads text in the newly selected language.
- Fixed duplicate locale file requests on page load.
- Services now inherit their parent category’s default consent state until the visitor responds.
- Do Not Track browser signals are now applied consistently to tracking category defaults.
- Fixed layout issues in the compact theme.
- Centered the “deny all” button text.
- Fixed rendering of the inline cookie declaration.
Recommended checks
The update is automatic for domains using the latest CookieHub widget script.
We recommend reviewing the following if they apply to your implementation.
Domain code installation
If the CookieHub dialog no longer appears after the update, check that the installed CookieHub code belongs to the correct domain configuration in the CookieHub dashboard.
This is most relevant for websites using multiple CookieHub domain configurations or a shared tag manager setup across several websites.
Custom CSS overrides
If your website uses custom CSS to override CookieHub styling, review the widget after the update.
Because CookieHub now uses CSS custom properties instead of an inline style tag, some highly specific CSS overrides may behave differently.
Included automatically in CookieHub 2.9
The following updates are included automatically when CookieHub 2.9 is loaded:
- Right-to-left language support.
- Updated GPC handling for California visitors.
- Updated Google Consent Mode region mappings.
- IAB GPP and IAB TCF fixes.
- Consent logging and session reporting improvements.
- Hostname validation.
- Updated widget styling infrastructure.
For the full technical list of changes, see the CookieHub 2.9 change log.
Need help?
If you have questions about the update or need help reviewing your setup, contact us at support@cookiehub.com.