feat(consent+report): P56-P67 Mercedes-Audit-Cycle (Anti-Audit, Phase G Vendors, Cookie-Behavior-Validator + 5 Mail-Polish-Items) [migration-approved]
CI / detect-changes (push) Successful in 11s
CI / branch-name (push) Has been skipped
CI / nodejs-build (push) Successful in 2m19s
CI / test-go (push) Has been skipped
CI / test-python-document-crawler (push) Has been skipped
CI / test-python-dsms-gateway (push) Has been skipped
CI / guardrail-integrity (push) Has been skipped
CI / secret-scan (push) Has been skipped
CI / dep-audit (push) Has been skipped
CI / sbom-scan (push) Has been skipped
CI / validate-canonical-controls (push) Successful in 16s
CI / loc-budget (push) Failing after 15s
CI / go-lint (push) Has been skipped
CI / python-lint (push) Has been skipped
CI / nodejs-lint (push) Has been skipped
CI / iace-gt-coverage (push) Has been skipped
CI / test-python-backend (push) Successful in 37s
CI / detect-changes (push) Successful in 11s
CI / branch-name (push) Has been skipped
CI / nodejs-build (push) Successful in 2m19s
CI / test-go (push) Has been skipped
CI / test-python-document-crawler (push) Has been skipped
CI / test-python-dsms-gateway (push) Has been skipped
CI / guardrail-integrity (push) Has been skipped
CI / secret-scan (push) Has been skipped
CI / dep-audit (push) Has been skipped
CI / sbom-scan (push) Has been skipped
CI / validate-canonical-controls (push) Successful in 16s
CI / loc-budget (push) Failing after 15s
CI / go-lint (push) Has been skipped
CI / python-lint (push) Has been skipped
CI / nodejs-lint (push) Has been skipped
CI / iace-gt-coverage (push) Has been skipped
CI / test-python-backend (push) Successful in 37s
P56 Anti-Auditing-Detection als constructive Compliance-Finding (Audit-API-
Empfehlung statt Anklage, weil Mercedes berechtigt Bots blockiert)
P57 Phase G vendor_details Union mit cmp_vendors -> 42 Anbieter sichtbar
P58 Anti-Audit-Detection robuster (Script-Domain-Check + Settings-spezifisch)
P59 Cookie-Behavior-Validator (4 Layer, 3-Tier-Severity: MEDIUM=Kategorie-
Mismatch / HIGH=Zweck-Mismatch / CRITICAL=beide=Vorsatz-Indiz)
+ Open Cookie Database (CC0) als Library-Seed (2264 Cookies)
P59b Cookie-Behavior in Banner-Check verdrahtet + Mail-Block (BUGFIX:
SessionLocal selbst oeffnen, db war im Background-Task nicht im Scope)
Mail-Polish nach Mercedes-Review:
P63 Banner-Footer-Links auch im wb7-link/role=link erkennen (Shadow-DOM-
Walker label-based statt nur <a href>)
P64 Re-Access-Severity: MEDIUM statt HIGH, wenn Footer "Einstellungen" oder
Mercedes-typisch existiert; OEM-Footer-Detection (wb7-footer)
P65 Text-Truncation: Word-Boundary statt Zeichen-Cut (kein "einfa"-Bruch
mehr in Sofortmassnahmen)
P66 GF-Aktionen: Service-Zweck vs Cookie-Zweck explizit erklaert
(haeufige Verwechslung Marketing/GF: "Akamai-Beschreibung" != Cookie-
Zweck pro DSK-OH 2024)
P67 Stirring-Finding mit "Verlust-Framing"-Erklaerung + Alt-vs-Neutral-
Beispiel, statt nur EDPB-Fachbegriff
Compliance-Advisor FAQ (admin agent-core/soul):
+ CNIL/EDPB Top-Bussgelder (Google 100M, Meta 60M, Amazon 35M)
+ Deutsche Praezedenz (LG Muenchen Google Fonts, EuGH Planet49, BGH I ZR 7/16)
+ 4 Risiko-Pfade (Bussgeld/Abmahnung/Sammelklage/NOYB) + Berechnungs-Methodik
Document-Generator Templates: AGB-DE (142), Impressum (140), Widerrufs-
formular-Anlage (143), DSR-Process-Dedup (139), Cookie-Library (144).
Architektur: doc_action_mappings.py + banner_dom_walkers.py +
cookie_behavior_validator.py + vendor_detail_extractor.py rausgezogen,
um die 500-LOC-Caps in agent_doc_check_report.py und
banner_text_checker.py einzuhalten.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
Benjamin Admin
@@ -17,6 +17,32 @@ class BannerInfo:
|
||||
reject_selector: str
|
||||
|
||||
|
||||
# P22: Web-Component-CMPs (Banner ist im Shadow-DOM eines custom-element).
|
||||
# Standard-Selektoren greifen nicht — Detection ueber Tag-Name.
|
||||
WEB_COMPONENT_CMP_TAGS = [
|
||||
{
|
||||
"tag": "cmm-cookie-banner",
|
||||
"provider": "Mercedes (cmm-cookie-banner)",
|
||||
# Mercedes-Banner-Buttons im Shadow: "Alle akzeptieren" /
|
||||
# "Nur technisch notwendige" / "Einstellungen"
|
||||
"accept_text": "Alle akzeptieren",
|
||||
"reject_text": "Nur technisch notwendige",
|
||||
},
|
||||
{
|
||||
"tag": "cookie-consent-banner",
|
||||
"provider": "Generic Web Component (cookie-consent-banner)",
|
||||
"accept_text": "akzeptieren|accept|zustimmen",
|
||||
"reject_text": "ablehnen|reject|notwendig",
|
||||
},
|
||||
{
|
||||
"tag": "consent-banner",
|
||||
"provider": "Generic Web Component (consent-banner)",
|
||||
"accept_text": "akzeptieren|accept",
|
||||
"reject_text": "ablehnen|reject",
|
||||
},
|
||||
]
|
||||
|
||||
|
||||
# CMP-specific selectors (ordered by market share)
|
||||
CMP_SELECTORS = [
|
||||
{
|
||||
@@ -409,6 +435,23 @@ async def _detect_generic_attr(page: Page) -> BannerInfo | None:
|
||||
|
||||
async def detect_banner(page: Page) -> BannerInfo:
|
||||
"""Detect which CMP is used and return button selectors."""
|
||||
# P22: Web-Component-CMPs (Mercedes etc.) — direkter Tag-Check.
|
||||
# Shadow-DOM-Buttons werden via shadow-click:<pattern>-Selektor angesprochen.
|
||||
for wc in WEB_COMPONENT_CMP_TAGS:
|
||||
try:
|
||||
count = await page.evaluate(
|
||||
"(tag) => document.querySelectorAll(tag).length",
|
||||
wc["tag"],
|
||||
)
|
||||
if count > 0:
|
||||
return BannerInfo(
|
||||
detected=True, provider=wc["provider"],
|
||||
accept_selector=f"shadow-click:{wc['accept_text']}",
|
||||
reject_selector=f"shadow-click:{wc['reject_text']}",
|
||||
)
|
||||
except Exception:
|
||||
continue
|
||||
|
||||
# 1. Try CMP-specific selectors
|
||||
for cmp in CMP_SELECTORS:
|
||||
try:
|
||||
|
||||
Reference in New Issue
Block a user