Benjamin_Boenisch/breakpilot-compliance
1
1
Fork 0
Code Issues 24 Pull Requests Actions Packages Projects Releases Wiki Activity

feat(consent-tester): 3 Edge-Cases — kein-Banner-konform, Geo-Caveat, Non-Cookie-Tracking

Browse Source 
#1/#2: Wenn KEIN Banner erkannt UND kein Tracking vor Consent (statische Seite
oder nur technisch notwendige Cookies, §25 Abs.2 TDDDG) → affirmativer LOW-Befund
"konform, kein Banner nötig" statt stillem "Banner fehlt". Inkl. Geo-Caveat
(Scan außerhalb EU sieht geo-getargetete Banner evtl. nicht).

#3: detect_non_cookie_tracking erkennt Pixel/Fingerprinting per Domain-Signatur
(Meta, TikTok, LinkedIn, Pinterest, Clarity, FingerprintJS, Hotjar, Reddit,
Snapchat) → MEDIUM-Befund "§25/Art.5(3) gilt auch ohne Cookies". '0 Cookies' ≠
'kein einwilligungspflichtiges Tracking'.

Verdrahtet in consent_scanner vor dem Return. Tests + py_compile grün.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This commit is contained in:
Benjamin Admin
2026-06-12 19:49:55 +02:00
parent d8a9e3049d
commit c2422138e6
3 changed files with 129 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
consent-tester/services/consent_scanner.py
+22
View File
@@ -540,6 +540,28 @@ async def run_consent_test(
result.banner_provider, len(result.before_violations), len(result.reject_violations),
len(result.category_tests), len(result.cmp_payloads),
)
# Edge-Cases: kein Banner affirmativ einordnen (#1/#2) + Non-Cookie-Tracking (#3).
try:
from services.banner_text_checker import (
build_no_banner_finding, detect_non_cookie_tracking,
build_non_cookie_tracking_finding,
)
# #1/#2: KEIN Banner + KEIN Tracking vor Consent → konform (statisch /
# nur technisch notwendig), nicht still "Banner fehlt". Inkl. Geo-Caveat.
if (not result.banner_detected and not result.before_violations
and not result.before_tracking):
result.banner_text_violations.append(
build_no_banner_finding(result.banner_has_dse_link))
# #3: Pixel/Fingerprinting (cookieloses Tracking) → §25 gilt auch ohne Cookies.
_nct = detect_non_cookie_tracking(
(result.before_scripts or []) + (result.accept_scripts or []))
if _nct:
result.banner_text_violations.append(
build_non_cookie_tracking_finding(_nct))
except Exception as e:
logger.warning("Edge-case findings skipped: %s", e)
return result