Allow users to accept or reject cookies which are not essential to making your service work.
<div class="govuk-cookie-banner " data-nosnippet role="region" aria-label="Cookies on [name of service]">
<div class="govuk-cookie-banner__message govuk-width-container">
<div class="govuk-grid-row">
<div class="govuk-grid-column-two-thirds">
<h2 class="govuk-cookie-banner__heading govuk-heading-m">Cookies on [name of service]</h2>
<div class="govuk-cookie-banner__content">
<p>We use some essential cookies to make this service work.</p>
<p>We’d also like to use analytics cookies so we can understand how you use the service and make improvements.</p>
</div>
</div>
</div>
<div class="govuk-button-group">
<button value="accept" type="button" name="cookies" class="govuk-button" data-module="govuk-button">
Accept analytics cookies
</button>
<button value="reject" type="button" name="cookies" class="govuk-button" data-module="govuk-button">
Reject analytics cookies
</button>
<a class="govuk-link" href="#">View cookies</a>
</div>
</div>
</div>
Nunjucks macro options
Use options to customise the appearance, content and behaviour of a component when using a macro, for example, changing the text.
Some options are required for the macro to work; these are marked as "Required" in the option description.
If you're using Nunjucks macros in production with "html" options, or ones ending with "html", you must sanitise the HTML to protect against cross-site scripting exploits.
Primary options
| string |
The text for the aria-label which labels the cookie banner region. This region applies to all messages that the cookie banner includes. For example, the cookie message and the confirmation message. Defaults to "Cookie banner".
|
| boolean |
Defaults to false. If you set this option to true, the whole cookie banner is hidden, including all messages within the banner. You can use hidden for client-side implementations where the cookie banner HTML is present, but hidden until the cookie banner is shown using JavaScript.
|
| string |
The additional classes that you want to add to the cookie banner.
|
| object |
The additional attributes that you want to add to the cookie banner. For example, data attributes.
|
| array |
Required.
The different messages you can pass into the cookie banner. For example, the cookie message and the confirmation message.
See messages.
|
Options for messages
| string |
The heading text that displays in the message. You can use any string with this option. If you set headingHtml, headingText is ignored.
|
| string |
The heading HTML to use within the message. You can use any string with this option. If you set headingHtml, headingText is ignored. If you are not passing HTML, use headingText.
|
| string |
Required.
The text for the main content within the message. You can use any string with this option. If you set html, text is not required and is ignored.
|
| string |
Required.
The HTML for the main content within the message. You can use any string with this option. If you set html, text is not required and is ignored. If you are not passing HTML, use text.
|
| array |
The buttons and links that you want to display in the message. actions defaults to button unless you set href, which renders the action as a link.
See actions.
|
| boolean |
Defaults to false. If you set it to true, the message is hidden. You can use hidden for client-side implementations where the confirmation message HTML is present, but hidden on the page.
|
| string |
Set role to alert on confirmation messages to allow assistive tech to automatically read the message. You will also need to move focus to the confirmation message using JavaScript you have written yourself.
|
| string |
The additional classes that you want to add to the message.
|
| object |
The additional attributes that you want to add to the message. For example, data attributes.
|
Options for actions
| string |
Required.
The button or link text.
|
| string |
The type of button. You can set button or submit. Set button and href to render a link styled as a button. If you set href, it overrides submit.
|
| string |
The href for a link. Set button and href to render a link styled as a button.
|
| string |
The name attribute for the button. Does not apply if you set href, which makes a link.
|
| string |
The value attribute for the button. Does not apply if you set href, which makes a link.
|
| string |
The additional classes that you want to add to the button or link.
|
| object |
The additional attributes that you want to add to the button or link. For example, data attributes.
|
{% from "govuk/components/cookie-banner/macro.njk" import govukCookieBanner %}
{% set html %}
<p>We use some essential cookies to make this service work.</p>
<p>We’d also like to use analytics cookies so we can understand how you use the service and make improvements.</p>
{% endset %}
{{ govukCookieBanner({
ariaLabel: "Cookies on [name of service]",
messages: [
{
headingText: "Cookies on [name of service]",
html: html,
actions: [
{
text: "Accept analytics cookies",
type: "button",
name: "cookies",
value: "accept"
},
{
text: "Reject analytics cookies",
type: "button",
name: "cookies",
value: "reject"
},
{
text: "View cookies",
href: "#"
}
]
}
]
}) }}
When to use this component
You must tell users about any cookies you’re using - or any similar technologies that store files on the user’s device, like HTML5 local storage or service workers. You must get the user’s consent before setting any cookies which are not essential to providing the service.
This cookie banner and the cookie page pattern are based on the approach to getting cookie consent used on the GOV.UK website.
You must not take this information as legal advice. Your organisation is responsible and accountable for what they do to comply with data protection legislation, such as:
- Privacy and Electronic Communications Regulations (PECR)
- General Data Protection Regulation (GDPR)
Check with your organisation’s privacy expert to see how data protection legislation affects your website and service.
How it works
Show the cookie banner when the user accesses your service for the first time.
Do not remove the cookie banner or set any non-essential cookies until the user has either:
- accepted or rejected cookies using the buttons in the cookie banner
- saved their cookie preferences on the service’s cookie page
Position the cookie banner after the opening <body> tag and before the ‘skip to main content’ link. If you’re using the Nunjucks page template, use the bodyStart block.
If you’re using essential cookies and analytics cookies
You can use this example text for a service which sets essential and analytics cookies.
<div class="govuk-cookie-banner " data-nosnippet role="region" aria-label="Cookies on [name of service]">
<div class="govuk-cookie-banner__message govuk-width-container">
<div class="govuk-grid-row">
<div class="govuk-grid-column-two-thirds">
<h2 class="govuk-cookie-banner__heading govuk-heading-m">Cookies on [name of service]</h2>
<div class="govuk-cookie-banner__content">
<p>We use some essential cookies to make this service work.</p>
<p>We’d also like to use analytics cookies so we can understand how you use the service and make improvements.</p>
</div>
</div>
</div>
<div class="govuk-button-group">
<button value="accept" type="button" name="cookies" class="govuk-button" data-module="govuk-button">
Accept analytics cookies
</button>
<button value="reject" type="button" name="cookies" class="govuk-button" data-module="govuk-button">
Reject analytics cookies
</button>
<a class="govuk-link" href="#">View cookies</a>
</div>
</div>
</div>
Nunjucks macro options
Use options to customise the appearance, content and behaviour of a component when using a macro, for example, changing the text.
Some options are required for the macro to work; these are marked as "Required" in the option description.
If you're using Nunjucks macros in production with "html" options, or ones ending with "html", you must sanitise the HTML to protect against cross-site scripting exploits.
Primary options
| string |
The text for the aria-label which labels the cookie banner region. This region applies to all messages that the cookie banner includes. For example, the cookie message and the confirmation message. Defaults to "Cookie banner".
|
| boolean |
Defaults to false. If you set this option to true, the whole cookie banner is hidden, including all messages within the banner. You can use hidden for client-side implementations where the cookie banner HTML is present, but hidden until the cookie banner is shown using JavaScript.
|
| string |
The additional classes that you want to add to the cookie banner.
|
| object |
The additional attributes that you want to add to the cookie banner. For example, data attributes.
|
| array |
Required.
The different messages you can pass into the cookie banner. For example, the cookie message and the confirmation message.
See messages.
|
Options for messages
| string |
The heading text that displays in the message. You can use any string with this option. If you set headingHtml, headingText is ignored.
|
| string |
The heading HTML to use within the message. You can use any string with this option. If you set headingHtml, headingText is ignored. If you are not passing HTML, use headingText.
|
| string |
Required.
The text for the main content within the message. You can use any string with this option. If you set html, text is not required and is ignored.
|
| string |
Required.
The HTML for the main content within the message. You can use any string with this option. If you set html, text is not required and is ignored. If you are not passing HTML, use text.
|
| array |
The buttons and links that you want to display in the message. actions defaults to button unless you set href, which renders the action as a link.
See actions.
|
| boolean |
Defaults to false. If you set it to true, the message is hidden. You can use hidden for client-side implementations where the confirmation message HTML is present, but hidden on the page.
|
| string |
Set role to alert on confirmation messages to allow assistive tech to automatically read the message. You will also need to move focus to the confirmation message using JavaScript you have written yourself.
|
| string |
The additional classes that you want to add to the message.
|
| object |
The additional attributes that you want to add to the message. For example, data attributes.
|
Options for actions
| string |
Required.
The button or link text.
|
| string |
The type of button. You can set button or submit. Set button and href to render a link styled as a button. If you set href, it overrides submit.
|
| string |
The href for a link. Set button and href to render a link styled as a button.
|
| string |
The name attribute for the button. Does not apply if you set href, which makes a link.
|
| string |
The value attribute for the button. Does not apply if you set href, which makes a link.
|
| string |
The additional classes that you want to add to the button or link.
|
| object |
The additional attributes that you want to add to the button or link. For example, data attributes.
|
{% from "govuk/components/cookie-banner/macro.njk" import govukCookieBanner %}
{% set html %}
<p>We use some essential cookies to make this service work.</p>
<p>We’d also like to use analytics cookies so we can understand how you use the service and make improvements.</p>
{% endset %}
{{ govukCookieBanner({
ariaLabel: "Cookies on [name of service]",
messages: [
{
headingText: "Cookies on [name of service]",
html: html,
actions: [
{
text: "Accept analytics cookies",
type: "button",
name: "cookies",
value: "accept"
},
{
text: "Reject analytics cookies",
type: "button",
name: "cookies",
value: "reject"
},
{
text: "View cookies",
href: "#"
}
]
}
]
}) }}
If you’re using more than one type of non-essential cookie
You can use this example text for a service which sets:
- cookies which are essential to making the service work
- ‘functional’ cookies which remember the user’s settings, but are not essential to making the service work
- first party cookies to collect analytics information about how well the service is performing
<div class="govuk-cookie-banner " data-nosnippet role="region" aria-label="Cookies on [name of service]">
<div class="govuk-cookie-banner__message govuk-width-container">
<div class="govuk-grid-row">
<div class="govuk-grid-column-two-thirds">
<h2 class="govuk-cookie-banner__heading govuk-heading-m">Cookies on [name of service]</h2>
<div class="govuk-cookie-banner__content">
<p>We use some essential cookies to make this service work.</p>
<p>We’d like to set additional cookies so we can remember your settings, understand how people use the service and make improvements.</p>
</div>
</div>
</div>
<div class="govuk-button-group">
<button value="accept" type="button" name="cookies" class="govuk-button" data-module="govuk-button">
Accept additional cookies
</button>
<button value="reject" type="button" name="cookies" class="govuk-button" data-module="govuk-button">
Reject additional cookies
</button>
<a class="govuk-link" href="#">View cookies</a>
</div>
</div>
</div>
Nunjucks macro options
Use options to customise the appearance, content and behaviour of a component when using a macro, for example, changing the text.
Some options are required for the macro to work; these are marked as "Required" in the option description.
If you're using Nunjucks macros in production with "html" options, or ones ending with "html", you must sanitise the HTML to protect against cross-site scripting exploits.
Primary options
| string |
The text for the aria-label which labels the cookie banner region. This region applies to all messages that the cookie banner includes. For example, the cookie message and the confirmation message. Defaults to "Cookie banner".
|
| boolean |
Defaults to false. If you set this option to true, the whole cookie banner is hidden, including all messages within the banner. You can use hidden for client-side implementations where the cookie banner HTML is present, but hidden until the cookie banner is shown using JavaScript.
|
| string |
The additional classes that you want to add to the cookie banner.
|
| object |
The additional attributes that you want to add to the cookie banner. For example, data attributes.
|
| array |
Required.
The different messages you can pass into the cookie banner. For example, the cookie message and the confirmation message.
See messages.
|
Options for messages
| string |
The heading text that displays in the message. You can use any string with this option. If you set headingHtml, headingText is ignored.
|
| string |
The heading HTML to use within the message. You can use any string with this option. If you set headingHtml, headingText is ignored. If you are not passing HTML, use headingText.
|
| string |
Required.
The text for the main content within the message. You can use any string with this option. If you set html, text is not required and is ignored.
|
| string |
Required.
The HTML for the main content within the message. You can use any string with this option. If you set html, text is not required and is ignored. If you are not passing HTML, use text.
|
| array |
The buttons and links that you want to display in the message. actions defaults to button unless you set href, which renders the action as a link.
See actions.
|
| boolean |
Defaults to false. If you set it to true, the message is hidden. You can use hidden for client-side implementations where the confirmation message HTML is present, but hidden on the page.
|
| string |
Set role to alert on confirmation messages to allow assistive tech to automatically read the message. You will also need to move focus to the confirmation message using JavaScript you have written yourself.
|
| string |
The additional classes that you want to add to the message.
|
| object |
The additional attributes that you want to add to the message. For example, data attributes.
|
Options for actions
| string |
Required.
The button or link text.
|
| string |
The type of button. You can set button or submit. Set button and href to render a link styled as a button. If you set href, it overrides submit.
|
| string |
The href for a link. Set button and href to render a link styled as a button.
|
| string |
The name attribute for the button. Does not apply if you set href, which makes a link.
|
| string |
The value attribute for the button. Does not apply if you set href, which makes a link.
|
| string |
The additional classes that you want to add to the button or link.
|
| object |
The additional attributes that you want to add to the button or link. For example, data attributes.
|
{% from "govuk/components/cookie-banner/macro.njk" import govukCookieBanner %}
{% set html %}
<p>We use some essential cookies to make this service work.</p>
<p>We’d like to set additional cookies so we can remember your settings, understand how people use the service and make improvements.</p>
{% endset %}
{{ govukCookieBanner({
ariaLabel: "Cookies on [name of service]",
messages: [
{
headingText: "Cookies on [name of service]",
html: html,
actions: [
{
text: "Accept additional cookies",
type: "button",
name: "cookies",
value: "accept"
},
{
text: "Reject additional cookies",
type: "button",
name: "cookies",
value: "reject"
},
{
text: "View cookies",
href: "#"
}
]
}
]
}) }}
If you’re only using essential cookies
You can use this example text for a service which only sets essential cookies.
<div class="govuk-cookie-banner " data-nosnippet role="region" aria-label="Cookies on [name of service]">
<div class="govuk-cookie-banner__message govuk-width-container">
<div class="govuk-grid-row">
<div class="govuk-grid-column-two-thirds">
<h2 class="govuk-cookie-banner__heading govuk-heading-m">Cookies on [name of service]</h2>
<div class="govuk-cookie-banner__content">
<p class="govuk-body">We use some essential cookies to make this service work.</p>
</div>
</div>
</div>
<div class="govuk-button-group">
<a class="govuk-link" href="#">View cookies</a>
<button type="button" class="govuk-button" data-module="govuk-button">
Hide this message
</button>
</div>
</div>
</div>
Nunjucks macro options
Use options to customise the appearance, content and behaviour of a component when using a macro, for example, changing the text.
Some options are required for the macro to work; these are marked as "Required" in the option description.
If you're using Nunjucks macros in production with "html" options, or ones ending with "html", you must sanitise the HTML to protect against cross-site scripting exploits.
Primary options
| string |
The text for the aria-label which labels the cookie banner region. This region applies to all messages that the cookie banner includes. For example, the cookie message and the confirmation message. Defaults to "Cookie banner".
|
| boolean |
Defaults to false. If you set this option to true, the whole cookie banner is hidden, including all messages within the banner. You can use hidden for client-side implementations where the cookie banner HTML is present, but hidden until the cookie banner is shown using JavaScript.
|
| string |
The additional classes that you want to add to the cookie banner.
|
| object |
The additional attributes that you want to add to the cookie banner. For example, data attributes.
|
| array |
Required.
The different messages you can pass into the cookie banner. For example, the cookie message and the confirmation message.
See messages.
|
Options for messages
| string |
The heading text that displays in the message. You can use any string with this option. If you set headingHtml, headingText is ignored.
|
| string |
The heading HTML to use within the message. You can use any string with this option. If you set headingHtml, headingText is ignored. If you are not passing HTML, use headingText.
|
| string |
Required.
The text for the main content within the message. You can use any string with this option. If you set html, text is not required and is ignored.
|
| string |
Required.
The HTML for the main content within the message. You can use any string with this option. If you set html, text is not required and is ignored. If you are not passing HTML, use text.
|
| array |
The buttons and links that you want to display in the message. actions defaults to button unless you set href, which renders the action as a link.
See actions.
|
| boolean |
Defaults to false. If you set it to true, the message is hidden. You can use hidden for client-side implementations where the confirmation message HTML is present, but hidden on the page.
|
| string |
Set role to alert on confirmation messages to allow assistive tech to automatically read the message. You will also need to move focus to the confirmation message using JavaScript you have written yourself.
|
| string |
The additional classes that you want to add to the message.
|
| object |
The additional attributes that you want to add to the message. For example, data attributes.
|
Options for actions
| string |
Required.
The button or link text.
|
| string |
The type of button. You can set button or submit. Set button and href to render a link styled as a button. If you set href, it overrides submit.
|
| string |
The href for a link. Set button and href to render a link styled as a button.
|
| string |
The name attribute for the button. Does not apply if you set href, which makes a link.
|
| string |
The value attribute for the button. Does not apply if you set href, which makes a link.
|
| string |
The additional classes that you want to add to the button or link.
|
| object |
The additional attributes that you want to add to the button or link. For example, data attributes.
|
{% from "govuk/components/cookie-banner/macro.njk" import govukCookieBanner %}
{{ govukCookieBanner({
ariaLabel: "Cookies on [name of service]",
messages: [
{
headingText: "Cookies on [name of service]",
text: "We use some essential cookies to make this service work.",
actions: [
{
text: "View cookies",
href: "#"
},
{
text: "Hide this message",
type: "button"
}
]
}
]
}) }}
What to cover in your cookie banner
Include the name of the service in the banner heading to help users understand that the cookies you’re talking about are different from the ones set by the main GOV.UK platform.
You’ll need to change the example cookie banner text if your service:
- allows third parties to set cookies (tell the user that both your organisation and other organisations will be setting cookies)
- uses cookies for reasons other than collecting analytics information or remembering the user’s settings
Keep the text as short as possible while making sure it’s an accurate description of how you use cookies. For example, if you use more than one ‘functional’ cookie and there’s not enough space to mention what each of them does, you could ask for permission to set cookies so ‘you can use as many of the service’s features as possible’.
When the user accepts or rejects cookies using the cookie banner
If you’re using JavaScript to manage cookie consent, write your own JavaScript so that when the user accepts or rejects cookies in the banner:
- the cookie message is hidden using the
hidden attribute
- a replacement message is unhidden and displayed in place of the cookie banner
- a replacement message is displayed in place of the cookie message
- focus shifts to the replacement message
Give the replacement message the role="alert" and tabindex="-1" attributes, to allow the focus to shift and so assistive technology can read the message.
Here’s an example:
<div class="govuk-cookie-banner " data-nosnippet role="region" aria-label="Cookies on [name of service]">
<div class="govuk-cookie-banner__message govuk-width-container">
<div class="govuk-grid-row">
<div class="govuk-grid-column-two-thirds">
<h2 class="govuk-cookie-banner__heading govuk-heading-m">Cookies on [name of service]</h2>
<div class="govuk-cookie-banner__content"></div>
</div>
</div>
<div class="govuk-button-group">
<button type="button" class="govuk-button" data-module="govuk-button">
Accept analytics cookies
</button>
<button type="button" class="govuk-button" data-module="govuk-button">
Reject analytics cookies
</button>
<a class="govuk-link" href="#">View cookies</a>
</div>
</div>
<div class="govuk-cookie-banner__message govuk-width-container" role="alert" hidden>
<div class="govuk-grid-row">
<div class="govuk-grid-column-two-thirds">
<div class="govuk-cookie-banner__content">
<p>You’ve accepted analytics cookies. You can <a href="#">change your cookie settings</a> at any time.</p>
</div>
</div>
</div>
<div class="govuk-button-group">
<button class="govuk-button" data-module="govuk-button">
Hide this message
</button>
</div>
</div>
<div class="govuk-cookie-banner__message govuk-width-container" role="alert" hidden>
<div class="govuk-grid-row">
<div class="govuk-grid-column-two-thirds">
<div class="govuk-cookie-banner__content">
<p>You’ve rejected analytics cookies. You can <a href="#">change your cookie settings</a> at any time.</p>
</div>
</div>
</div>
<div class="govuk-button-group">
<button class="govuk-button" data-module="govuk-button">
Hide this message
</button>
</div>
</div>
</div>
Nunjucks macro options
Use options to customise the appearance, content and behaviour of a component when using a macro, for example, changing the text.
Some options are required for the macro to work; these are marked as "Required" in the option description.
If you're using Nunjucks macros in production with "html" options, or ones ending with "html", you must sanitise the HTML to protect against cross-site scripting exploits.
Primary options
| string |
The text for the aria-label which labels the cookie banner region. This region applies to all messages that the cookie banner includes. For example, the cookie message and the confirmation message. Defaults to "Cookie banner".
|
| boolean |
Defaults to false. If you set this option to true, the whole cookie banner is hidden, including all messages within the banner. You can use hidden for client-side implementations where the cookie banner HTML is present, but hidden until the cookie banner is shown using JavaScript.
|
| string |
The additional classes that you want to add to the cookie banner.
|
| object |
The additional attributes that you want to add to the cookie banner. For example, data attributes.
|
| array |
Required.
The different messages you can pass into the cookie banner. For example, the cookie message and the confirmation message.
See messages.
|
Options for messages
| string |
The heading text that displays in the message. You can use any string with this option. If you set headingHtml, headingText is ignored.
|
| string |
The heading HTML to use within the message. You can use any string with this option. If you set headingHtml, headingText is ignored. If you are not passing HTML, use headingText.
|
| string |
Required.
The text for the main content within the message. You can use any string with this option. If you set html, text is not required and is ignored.
|
| string |
Required.
The HTML for the main content within the message. You can use any string with this option. If you set html, text is not required and is ignored. If you are not passing HTML, use text.
|
| array |
The buttons and links that you want to display in the message. actions defaults to button unless you set href, which renders the action as a link.
See actions.
|
| boolean |
Defaults to false. If you set it to true, the message is hidden. You can use hidden for client-side implementations where the confirmation message HTML is present, but hidden on the page.
|
| string |
Set role to alert on confirmation messages to allow assistive tech to automatically read the message. You will also need to move focus to the confirmation message using JavaScript you have written yourself.
|
| string |
The additional classes that you want to add to the message.
|
| object |
The additional attributes that you want to add to the message. For example, data attributes.
|
Options for actions
| string |
Required.
The button or link text.
|
| string |
The type of button. You can set button or submit. Set button and href to render a link styled as a button. If you set href, it overrides submit.
|
| string |
The href for a link. Set button and href to render a link styled as a button.
|
| string |
The name attribute for the button. Does not apply if you set href, which makes a link.
|
| string |
The value attribute for the button. Does not apply if you set href, which makes a link.
|
| string |
The additional classes that you want to add to the button or link.
|
| object |
The additional attributes that you want to add to the button or link. For example, data attributes.
|
{% from "govuk/components/cookie-banner/macro.njk" import govukCookieBanner %}
{% set acceptHtml %}
<p>You’ve accepted analytics cookies. You can <a href="#">change your cookie settings</a> at any time.</p>
{% endset %}
{% set rejectHtml %}
<p>You’ve rejected analytics cookies. You can <a href="#">change your cookie settings</a> at any time.</p>
{% endset %}
{{ govukCookieBanner({
ariaLabel: "Cookies on [name of service]",
messages: [
{
headingText: "Cookies on [name of service]",
html: html,
actions: [
{
text: "Accept analytics cookies",
type: "button"
},
{
text: "Reject analytics cookies",
type: "button"
},
{
text: "View cookies",
href: "#"
}
]
},
{
html: acceptHtml,
role: "alert",
hidden: true,
actions: [
{
text: "Hide this message"
}
]
},
{
html: rejectHtml,
role: "alert",
hidden: true,
actions: [
{
text: "Hide this message"
}
]
}
]
}) }}
Unhide a replacement message confirming that the user has either accepted or rejected cookies by removing the hidden attribute.
<div class="govuk-cookie-banner " data-nosnippet role="region" aria-label="Cookies on [name of service]">
<div class="govuk-cookie-banner__message govuk-width-container">
<div class="govuk-grid-row">
<div class="govuk-grid-column-two-thirds">
<div class="govuk-cookie-banner__content">
<p>You’ve accepted analytics cookies. You can <a class="govuk-link" href="#">change your cookie settings</a> at any time.</p>
</div>
</div>
</div>
<div class="govuk-button-group">
<button class="govuk-button" data-module="govuk-button">
Hide this message
</button>
</div>
</div>
</div>
Nunjucks macro options
Use options to customise the appearance, content and behaviour of a component when using a macro, for example, changing the text.
Some options are required for the macro to work; these are marked as "Required" in the option description.
If you're using Nunjucks macros in production with "html" options, or ones ending with "html", you must sanitise the HTML to protect against cross-site scripting exploits.
Primary options
| string |
The text for the aria-label which labels the cookie banner region. This region applies to all messages that the cookie banner includes. For example, the cookie message and the confirmation message. Defaults to "Cookie banner".
|
| boolean |
Defaults to false. If you set this option to true, the whole cookie banner is hidden, including all messages within the banner. You can use hidden for client-side implementations where the cookie banner HTML is present, but hidden until the cookie banner is shown using JavaScript.
|
| string |
The additional classes that you want to add to the cookie banner.
|
| object |
The additional attributes that you want to add to the cookie banner. For example, data attributes.
|
| array |
Required.
The different messages you can pass into the cookie banner. For example, the cookie message and the confirmation message.
See messages.
|
Options for messages
| string |
The heading text that displays in the message. You can use any string with this option. If you set headingHtml, headingText is ignored.
|
| string |
The heading HTML to use within the message. You can use any string with this option. If you set headingHtml, headingText is ignored. If you are not passing HTML, use headingText.
|
| string |
Required.
The text for the main content within the message. You can use any string with this option. If you set html, text is not required and is ignored.
|
| string |
Required.
The HTML for the main content within the message. You can use any string with this option. If you set html, text is not required and is ignored. If you are not passing HTML, use text.
|
| array |
The buttons and links that you want to display in the message. actions defaults to button unless you set href, which renders the action as a link.
See actions.
|
| boolean |
Defaults to false. If you set it to true, the message is hidden. You can use hidden for client-side implementations where the confirmation message HTML is present, but hidden on the page.
|
| string |
Set role to alert on confirmation messages to allow assistive tech to automatically read the message. You will also need to move focus to the confirmation message using JavaScript you have written yourself.
|
| string |
The additional classes that you want to add to the message.
|
| object |
The additional attributes that you want to add to the message. For example, data attributes.
|
Options for actions
| string |
Required.
The button or link text.
|
| string |
The type of button. You can set button or submit. Set button and href to render a link styled as a button. If you set href, it overrides submit.
|
| string |
The href for a link. Set button and href to render a link styled as a button.
|
| string |
The name attribute for the button. Does not apply if you set href, which makes a link.
|
| string |
The value attribute for the button. Does not apply if you set href, which makes a link.
|
| string |
The additional classes that you want to add to the button or link.
|
| object |
The additional attributes that you want to add to the button or link. For example, data attributes.
|
{% from "govuk/components/cookie-banner/macro.njk" import govukCookieBanner %}
{% set acceptHtml %}
<p>You’ve accepted analytics cookies. You can <a class="govuk-link" href="#">change your cookie settings</a> at any time.</p>
{% endset %}
{{ govukCookieBanner({
ariaLabel: "Cookies on [name of service]",
messages: [
{
html: acceptHtml,
actions: [
{
text: "Hide this message"
}
]
}
]
}) }}
<div class="govuk-cookie-banner " data-nosnippet role="region" aria-label="Cookies on [name of service]">
<div class="govuk-cookie-banner__message govuk-width-container">
<div class="govuk-grid-row">
<div class="govuk-grid-column-two-thirds">
<div class="govuk-cookie-banner__content">
<p>You’ve rejected analytics cookies. You can <a class="govuk-link" href="#">change your cookie settings</a> at any time.</p>
</div>
</div>
</div>
<div class="govuk-button-group">
<button class="govuk-button" data-module="govuk-button">
Hide this message
</button>
</div>
</div>
</div>
Nunjucks macro options
Use options to customise the appearance, content and behaviour of a component when using a macro, for example, changing the text.
Some options are required for the macro to work; these are marked as "Required" in the option description.
If you're using Nunjucks macros in production with "html" options, or ones ending with "html", you must sanitise the HTML to protect against cross-site scripting exploits.
Primary options
| string |
The text for the aria-label which labels the cookie banner region. This region applies to all messages that the cookie banner includes. For example, the cookie message and the confirmation message. Defaults to "Cookie banner".
|
| boolean |
Defaults to false. If you set this option to true, the whole cookie banner is hidden, including all messages within the banner. You can use hidden for client-side implementations where the cookie banner HTML is present, but hidden until the cookie banner is shown using JavaScript.
|
| string |
The additional classes that you want to add to the cookie banner.
|
| object |
The additional attributes that you want to add to the cookie banner. For example, data attributes.
|
| array |
Required.
The different messages you can pass into the cookie banner. For example, the cookie message and the confirmation message.
See messages.
|
Options for messages
| string |
The heading text that displays in the message. You can use any string with this option. If you set headingHtml, headingText is ignored.
|
| string |
The heading HTML to use within the message. You can use any string with this option. If you set headingHtml, headingText is ignored. If you are not passing HTML, use headingText.
|
| string |
Required.
The text for the main content within the message. You can use any string with this option. If you set html, text is not required and is ignored.
|
| string |
Required.
The HTML for the main content within the message. You can use any string with this option. If you set html, text is not required and is ignored. If you are not passing HTML, use text.
|
| array |
The buttons and links that you want to display in the message. actions defaults to button unless you set href, which renders the action as a link.
See actions.
|
| boolean |
Defaults to false. If you set it to true, the message is hidden. You can use hidden for client-side implementations where the confirmation message HTML is present, but hidden on the page.
|
| string |
Set role to alert on confirmation messages to allow assistive tech to automatically read the message. You will also need to move focus to the confirmation message using JavaScript you have written yourself.
|
| string |
The additional classes that you want to add to the message.
|
| object |
The additional attributes that you want to add to the message. For example, data attributes.
|
Options for actions
| string |
Required.
The button or link text.
|
| string |
The type of button. You can set button or submit. Set button and href to render a link styled as a button. If you set href, it overrides submit.
|
| string |
The href for a link. Set button and href to render a link styled as a button.
|
| string |
The name attribute for the button. Does not apply if you set href, which makes a link.
|
| string |
The value attribute for the button. Does not apply if you set href, which makes a link.
|
| string |
The additional classes that you want to add to the button or link.
|
| object |
The additional attributes that you want to add to the button or link. For example, data attributes.
|
{% from "govuk/components/cookie-banner/macro.njk" import govukCookieBanner %}
{% set rejectedHtml %}
<p>You’ve rejected analytics cookies. You can <a class="govuk-link" href="#">change your cookie settings</a> at any time.</p>
{% endset %}
{{ govukCookieBanner({
ariaLabel: "Cookies on [name of service]",
messages: [
{
html: rejectedHtml,
actions: [
{
text: "Hide this message"
}
]
}
]
}) }}
Write your own code to:
- update the cookies you’re setting on that user’s device - including removing any types of non-essential cookies the service has set previously, but that the user is no longer consenting to
- set a cookie remembering that the user has seen the cookie banner and updated their cookie settings - this cookie should expire after 1 year
- remove the cookie banner if the user clicks on the ‘Hide this message’ button
- prevent the cookie banner being shown when the user moves on to a new page
If the user’s device is not running JavaScript
If the user’s device is not running JavaScript, display a version of the cookie banner which tells them what to do in order to set or change their cookie preferences. Do not set any non-essential cookies, because the user has not consented to them.
<div class="govuk-cookie-banner " data-nosnippet role="region" aria-label="Cookies on [name of service]">
<div class="govuk-cookie-banner__message govuk-width-container">
<div class="govuk-grid-row">
<div class="govuk-grid-column-two-thirds">
<h2 class="govuk-cookie-banner__heading govuk-heading-m">Cookies on [name of service]</h2>
<div class="govuk-cookie-banner__content">
<p class="govuk-body">We use cookies to make this service work and collect analytics information. To accept or reject cookies, turn on JavaScript in your browser settings or reload this page.</p>
</div>
</div>
</div>
</div>
</div>
Nunjucks macro options
Use options to customise the appearance, content and behaviour of a component when using a macro, for example, changing the text.
Some options are required for the macro to work; these are marked as "Required" in the option description.
If you're using Nunjucks macros in production with "html" options, or ones ending with "html", you must sanitise the HTML to protect against cross-site scripting exploits.
Primary options
| string |
The text for the aria-label which labels the cookie banner region. This region applies to all messages that the cookie banner includes. For example, the cookie message and the confirmation message. Defaults to "Cookie banner".
|
| boolean |
Defaults to false. If you set this option to true, the whole cookie banner is hidden, including all messages within the banner. You can use hidden for client-side implementations where the cookie banner HTML is present, but hidden until the cookie banner is shown using JavaScript.
|
| string |
The additional classes that you want to add to the cookie banner.
|
| object |
The additional attributes that you want to add to the cookie banner. For example, data attributes.
|
| array |
Required.
The different messages you can pass into the cookie banner. For example, the cookie message and the confirmation message.
See messages.
|
Options for messages
| string |
The heading text that displays in the message. You can use any string with this option. If you set headingHtml, headingText is ignored.
|
| string |
The heading HTML to use within the message. You can use any string with this option. If you set headingHtml, headingText is ignored. If you are not passing HTML, use headingText.
|
| string |
Required.
The text for the main content within the message. You can use any string with this option. If you set html, text is not required and is ignored.
|
| string |
Required.
The HTML for the main content within the message. You can use any string with this option. If you set html, text is not required and is ignored. If you are not passing HTML, use text.
|
| array |
The buttons and links that you want to display in the message. actions defaults to button unless you set href, which renders the action as a link.
See actions.
|
| boolean |
Defaults to false. If you set it to true, the message is hidden. You can use hidden for client-side implementations where the confirmation message HTML is present, but hidden on the page.
|
| string |
Set role to alert on confirmation messages to allow assistive tech to automatically read the message. You will also need to move focus to the confirmation message using JavaScript you have written yourself.
|
| string |
The additional classes that you want to add to the message.
|
| object |
The additional attributes that you want to add to the message. For example, data attributes.
|
Options for actions
| string |
Required.
The button or link text.
|
| string |
The type of button. You can set button or submit. Set button and href to render a link styled as a button. If you set href, it overrides submit.
|
| string |
The href for a link. Set button and href to render a link styled as a button.
|
| string |
The name attribute for the button. Does not apply if you set href, which makes a link.
|
| string |
The value attribute for the button. Does not apply if you set href, which makes a link.
|
| string |
The additional classes that you want to add to the button or link.
|
| object |
The additional attributes that you want to add to the button or link. For example, data attributes.
|
{% from "govuk/components/cookie-banner/macro.njk" import govukCookieBanner %}
{{ govukCookieBanner({
ariaLabel: "Cookies on [name of service]",
messages: [
{
headingText: "Cookies on [name of service]",
text: "We use cookies to make this service work and collect analytics information. To accept or reject cookies, turn on JavaScript in your browser settings or reload this page."
}
]
}) }}
If your service only uses essential cookies, display a different version of the cookie banner to users whose devices are not running JavaScript.
<div class="govuk-cookie-banner " data-nosnippet role="region" aria-label="Cookies on [name of service]">
<div class="govuk-cookie-banner__message govuk-width-container">
<div class="govuk-grid-row">
<div class="govuk-grid-column-two-thirds">
<h2 class="govuk-cookie-banner__heading govuk-heading-m">Cookies on [name of service]</h2>
<div class="govuk-cookie-banner__content">
<p class="govuk-body">We use some essential cookies to make this service work.</p>
</div>
</div>
</div>
<div class="govuk-button-group">
<a class="govuk-link" href="#">View cookies</a>
</div>
</div>
</div>
Nunjucks macro options
Use options to customise the appearance, content and behaviour of a component when using a macro, for example, changing the text.
Some options are required for the macro to work; these are marked as "Required" in the option description.
If you're using Nunjucks macros in production with "html" options, or ones ending with "html", you must sanitise the HTML to protect against cross-site scripting exploits.
Primary options
| string |
The text for the aria-label which labels the cookie banner region. This region applies to all messages that the cookie banner includes. For example, the cookie message and the confirmation message. Defaults to "Cookie banner".
|
| boolean |
Defaults to false. If you set this option to true, the whole cookie banner is hidden, including all messages within the banner. You can use hidden for client-side implementations where the cookie banner HTML is present, but hidden until the cookie banner is shown using JavaScript.
|
| string |
The additional classes that you want to add to the cookie banner.
|
| object |
The additional attributes that you want to add to the cookie banner. For example, data attributes.
|
| array |
Required.
The different messages you can pass into the cookie banner. For example, the cookie message and the confirmation message.
See messages.
|
Options for messages
| string |
The heading text that displays in the message. You can use any string with this option. If you set headingHtml, headingText is ignored.
|
| string |
The heading HTML to use within the message. You can use any string with this option. If you set headingHtml, headingText is ignored. If you are not passing HTML, use headingText.
|
| string |
Required.
The text for the main content within the message. You can use any string with this option. If you set html, text is not required and is ignored.
|
| string |
Required.
The HTML for the main content within the message. You can use any string with this option. If you set html, text is not required and is ignored. If you are not passing HTML, use text.
|
| array |
The buttons and links that you want to display in the message. actions defaults to button unless you set href, which renders the action as a link.
See actions.
|
| boolean |
Defaults to false. If you set it to true, the message is hidden. You can use hidden for client-side implementations where the confirmation message HTML is present, but hidden on the page.
|
| string |
Set role to alert on confirmation messages to allow assistive tech to automatically read the message. You will also need to move focus to the confirmation message using JavaScript you have written yourself.
|
| string |
The additional classes that you want to add to the message.
|
| object |
The additional attributes that you want to add to the message. For example, data attributes.
|
Options for actions
| string |
Required.
The button or link text.
|
| string |
The type of button. You can set button or submit. Set button and href to render a link styled as a button. If you set href, it overrides submit.
|
| string |
The href for a link. Set button and href to render a link styled as a button.
|
| string |
The name attribute for the button. Does not apply if you set href, which makes a link.
|
| string |
The value attribute for the button. Does not apply if you set href, which makes a link.
|
| string |
The additional classes that you want to add to the button or link.
|
| object |
The additional attributes that you want to add to the button or link. For example, data attributes.
|
{% from "govuk/components/cookie-banner/macro.njk" import govukCookieBanner %}
{{ govukCookieBanner({
ariaLabel: "Cookies on [name of service]",
messages: [
{
headingText: "Cookies on [name of service]",
text: "We use some essential cookies to make this service work.",
actions: [
{
text: "View cookies",
href: "#"
}
]
}
]
}) }}
Getting consent from users who are not running JavaScript
Some users will not be running JavaScript on their devices. If you’re using non-essential cookies and want to get consent from these users, you’ll need an approach that does not depend on JavaScript.
Show the replacement message confirming that the user has accepted or rejected cookies when they submit the form and the page has reloaded.
Here’s an example showing how it should work.
<form method="POST">
<div class="govuk-cookie-banner " data-nosnippet role="region" aria-label="Cookies on [name of service]">
<div class="govuk-cookie-banner__message govuk-width-container">
<div class="govuk-grid-row">
<div class="govuk-grid-column-two-thirds">
<h2 class="govuk-cookie-banner__heading govuk-heading-m">Cookies on [name of service]</h2>
<div class="govuk-cookie-banner__content">
<p class="govuk-body">We use some essential cookies to make this service work. We’d like to set additional cookies so we can remember your settings, understand how you use the service and make improvements.</p>
</div>
</div>
</div>
<div class="govuk-button-group">
<button value="accept" type="submit" name="cookies" class="govuk-button" data-module="govuk-button">
Accept analytics cookies
</button>
<button value="reject" type="submit" name="cookies" class="govuk-button" data-module="govuk-button">
Reject analytics cookies
</button>
<a class="govuk-link" href="#">View cookies</a>
</div>
</div>
</div>
</form>
Nunjucks macro options
Use options to customise the appearance, content and behaviour of a component when using a macro, for example, changing the text.
Some options are required for the macro to work; these are marked as "Required" in the option description.
If you're using Nunjucks macros in production with "html" options, or ones ending with "html", you must sanitise the HTML to protect against cross-site scripting exploits.
Primary options
| string |
The text for the aria-label which labels the cookie banner region. This region applies to all messages that the cookie banner includes. For example, the cookie message and the confirmation message. Defaults to "Cookie banner".
|
| boolean |
Defaults to false. If you set this option to true, the whole cookie banner is hidden, including all messages within the banner. You can use hidden for client-side implementations where the cookie banner HTML is present, but hidden until the cookie banner is shown using JavaScript.
|
| string |
The additional classes that you want to add to the cookie banner.
|
| object |
The additional attributes that you want to add to the cookie banner. For example, data attributes.
|
| array |
Required.
The different messages you can pass into the cookie banner. For example, the cookie message and the confirmation message.
See messages.
|
Options for messages
| string |
The heading text that displays in the message. You can use any string with this option. If you set headingHtml, headingText is ignored.
|
| string |
The heading HTML to use within the message. You can use any string with this option. If you set headingHtml, headingText is ignored. If you are not passing HTML, use headingText.
|
| string |
Required.
The text for the main content within the message. You can use any string with this option. If you set html, text is not required and is ignored.
|
| string |
Required.
The HTML for the main content within the message. You can use any string with this option. If you set html, text is not required and is ignored. If you are not passing HTML, use text.
|
| array |
The buttons and links that you want to display in the message. actions defaults to button unless you set href, which renders the action as a link.
See actions.
|
| boolean |
Defaults to false. If you set it to true, the message is hidden. You can use hidden for client-side implementations where the confirmation message HTML is present, but hidden on the page.
|
| string |
Set role to alert on confirmation messages to allow assistive tech to automatically read the message. You will also need to move focus to the confirmation message using JavaScript you have written yourself.
|
| string |
The additional classes that you want to add to the message.
|
| object |
The additional attributes that you want to add to the message. For example, data attributes.
|
Options for actions
| string |
Required.
The button or link text.
|
| string |
The type of button. You can set button or submit. Set button and href to render a link styled as a button. If you set href, it overrides submit.
|
| string |
The href for a link. Set button and href to render a link styled as a button.
|
| string |
The name attribute for the button. Does not apply if you set href, which makes a link.
|
| string |
The value attribute for the button. Does not apply if you set href, which makes a link.
|
| string |
The additional classes that you want to add to the button or link.
|
| object |
The additional attributes that you want to add to the button or link. For example, data attributes.
|
{% from "govuk/components/cookie-banner/macro.njk" import govukCookieBanner %}
<form method="POST">
{{ govukCookieBanner({
ariaLabel: "Cookies on [name of service]",
messages: [
{
headingText: "Cookies on [name of service]",
text: "We use some essential cookies to make this service work. We’d like to set additional cookies so we can remember your settings, understand how you use the service and make improvements.",
actions: [
{
text: "Accept analytics cookies",
type: "submit",
name: "cookies",
value: "accept"
},
{
text: "Reject analytics cookies",
type: "submit",
name: "cookies",
value: "reject"
},
{
text: "View cookies",
href: "#"
}
]
}
]
}) }}
</form>
Creating a cookies page
You’ll need a cookie page as well as a cookie banner.
When the user sets or changes their cookie preferences using the controls on the cookie page (rather than in the cookie banner), display this version of the replacement message. This is so they can get back to the page they were looking at.
Research on this component
When the user accepts or rejects cookies, a replacement message will display. For example, “Your cookie preferences have been saved.” The focus also shifts to this new message.
However, a visible focus indicator does not display around the replacement message. This is different from the notification banner, which does display a visible focus indicator.
We decided to remove the visible focus indicator from the replacement message for a few reasons, as:
- a user cannot interact with it
- it’s the first element, at the very top of the page
- it displays in place of the cookie message, which is the last thing the user interacted with
In this scenario, we assume that a visible focus indicator would be more likely to confuse users than to help them. However, we need more research to prove this.
To help make sure that this page is useful, relevant and up to date, you can: