airgap.js is the only client-side consent manager SDK that offers network-level request regulation. This means that you only have to configure data flows, and our privacy governance engine handles the rest.
Through a combination of API patchers, virtual proxy documents, and optional dynamic Content Security Policies, we provide a layered security model that offers network regulation capabilities. These capabilities are used to power our tracker regulation engine and event quarantine system which allows network and cookie events to be quarantined locally and released when consented.
Our SDK offers the following per-event enforcement actions:
Our SDK offers powerful event quarantine functionality that allows network and cookie events to be quarantined locally and released when consented. Using our APIs, you can configure what is quarantined, for how long, and whether the quarantine should be persisted across pageviews. We quarantine most blocked requests and all blocked cookies by default, using some basic heuristics to determine whether an event is worth quarantining to reduce wasted network bandwidth.
Our quarantine replay system was carefully designed to allow for in-place replay of events to enable no-code integration with any website. This means that APIs like
new XMLHttpRequest() can be blocked without consent and later resolve once the user consents.
Our DOM regulation engine allows for quarantining and replaying complex DOM mutations that cause network requests in-place, without necessitating any special integration steps by site owners.
Limitation: Overrides cannot bypass an active Content Security Policy.
As an added layer of security, we offer the ability generate and enforce dynamic Content Security Policies that are tailored to your users' consent choices.
Transcend's Privacy-Enhancing Tracker Overrides includes list of common trackers that we can use to automatically drop cookies from certain requests when associated tracking purposes are not consented.
Watch our talk at PEPR 2021: