# Consent-Auto-Blocking für heidelbaer.de

heidelbaer.de: 20 Auto-Blocking-Regel(n) für Skripte, Iframes und Tag-Manager-Trigger aus SaferPage-Dienstsignalen.

> Auto-Blocking-Regeln sind Betreiber-Vorlagen. Produktivbetrieb braucht CMP-Freigabe, Tests je Consent-Zustand, CSP-/Tag-Manager-Abgleich und fachliche Freigabe.

## Regeln
- webfonts.zoho.eu (*.webfonts.zoho.eu): Kategorie externe_medien, Default blocked.
  Script: `<script type="text/plain" data-saferpage-category="externe_medien" data-src="https://webfonts.zoho.eu/..."></script>`
  Iframe: `<iframe data-saferpage-category="externe_medien" data-src="https://webfonts.zoho.eu/..." src="about:blank" title="webfonts.zoho.eu"></iframe>`
  GTM: Fire only when event equals saferpage_consent_update and consent.externe_medien equals true.
- Google Tag Manager (*.googletagmanager.com): Kategorie marketing, Default blocked.
  Script: `<script type="text/plain" data-saferpage-category="marketing" data-src="https://googletagmanager.com/..."></script>`
  Iframe: `<iframe data-saferpage-category="marketing" data-src="https://googletagmanager.com/..." src="about:blank" title="Google Tag Manager"></iframe>`
  GTM: Fire only when event equals saferpage_consent_update and consent.marketing equals true.
- Google Analytics (*.region1.google-analytics.com): Kategorie statistik, Default blocked.
  Script: `<script type="text/plain" data-saferpage-category="statistik" data-src="https://region1.google-analytics.com/..."></script>`
  Iframe: `<iframe data-saferpage-category="statistik" data-src="https://region1.google-analytics.com/..." src="about:blank" title="Google Analytics"></iframe>`
  GTM: Fire only when event equals saferpage_consent_update and consent.statistik equals true.
- app.mailjet.com (*.app.mailjet.com): Kategorie unklar, Default blocked.
  Script: `<script type="text/plain" data-saferpage-category="unklar" data-src="https://app.mailjet.com/..."></script>`
  Iframe: `<iframe data-saferpage-category="unklar" data-src="https://app.mailjet.com/..." src="about:blank" title="app.mailjet.com"></iframe>`
  GTM: Fire only when event equals saferpage_consent_update and consent.unklar equals true.
- cdn-api-weglot.com (*.cdn-api-weglot.com): Kategorie unklar, Default blocked.
  Script: `<script type="text/plain" data-saferpage-category="unklar" data-src="https://cdn-api-weglot.com/..."></script>`
  Iframe: `<iframe data-saferpage-category="unklar" data-src="https://cdn-api-weglot.com/..." src="about:blank" title="cdn-api-weglot.com"></iframe>`
  GTM: Fire only when event equals saferpage_consent_update and consent.unklar equals true.
- cdn.heidelbaer.de (*.cdn.heidelbaer.de): Kategorie unklar, Default blocked.
  Script: `<script type="text/plain" data-saferpage-category="unklar" data-src="https://cdn.heidelbaer.de/..."></script>`
  Iframe: `<iframe data-saferpage-category="unklar" data-src="https://cdn.heidelbaer.de/..." src="about:blank" title="cdn.heidelbaer.de"></iframe>`
  GTM: Fire only when event equals saferpage_consent_update and consent.unklar equals true.
- cdn.prod.website-files.com (*.cdn.prod.website-files.com): Kategorie unklar, Default blocked.
  Script: `<script type="text/plain" data-saferpage-category="unklar" data-src="https://cdn.prod.website-files.com/..."></script>`
  Iframe: `<iframe data-saferpage-category="unklar" data-src="https://cdn.prod.website-files.com/..." src="about:blank" title="cdn.prod.website-files.com"></iframe>`
  GTM: Fire only when event equals saferpage_consent_update and consent.unklar equals true.
- cdn.weglot.com (*.cdn.weglot.com): Kategorie unklar, Default blocked.
  Script: `<script type="text/plain" data-saferpage-category="unklar" data-src="https://cdn.weglot.com/..."></script>`
  Iframe: `<iframe data-saferpage-category="unklar" data-src="https://cdn.weglot.com/..." src="about:blank" title="cdn.weglot.com"></iframe>`
  GTM: Fire only when event equals saferpage_consent_update and consent.unklar equals true.
- horribleguild.com (*.horribleguild.com): Kategorie unklar, Default blocked.
  Script: `<script type="text/plain" data-saferpage-category="unklar" data-src="https://horribleguild.com/..."></script>`
  Iframe: `<iframe data-saferpage-category="unklar" data-src="https://horribleguild.com/..." src="about:blank" title="horribleguild.com"></iframe>`
  GTM: Fire only when event equals saferpage_consent_update and consent.unklar equals true.
- jsDelivr (*.cdn.jsdelivr.net): Kategorie unklar, Default blocked.
  Script: `<script type="text/plain" data-saferpage-category="unklar" data-src="https://cdn.jsdelivr.net/..."></script>`
  Iframe: `<iframe data-saferpage-category="unklar" data-src="https://cdn.jsdelivr.net/..." src="about:blank" title="jsDelivr"></iframe>`
  GTM: Fire only when event equals saferpage_consent_update and consent.unklar equals true.
- pendragongamestudio.com (*.pendragongamestudio.com): Kategorie unklar, Default blocked.
  Script: `<script type="text/plain" data-saferpage-category="unklar" data-src="https://pendragongamestudio.com/..."></script>`
  Iframe: `<iframe data-saferpage-category="unklar" data-src="https://pendragongamestudio.com/..." src="about:blank" title="pendragongamestudio.com"></iframe>`
  GTM: Fire only when event equals saferpage_consent_update and consent.unklar equals true.
- shop.heidelbaer.de (*.shop.heidelbaer.de): Kategorie unklar, Default blocked.
  Script: `<script type="text/plain" data-saferpage-category="unklar" data-src="https://shop.heidelbaer.de/..."></script>`
  Iframe: `<iframe data-saferpage-category="unklar" data-src="https://shop.heidelbaer.de/..." src="about:blank" title="shop.heidelbaer.de"></iframe>`
  GTM: Fire only when event equals saferpage_consent_update and consent.unklar equals true.
- sites-stratus.zohostratus.eu (*.sites-stratus.zohostratus.eu): Kategorie unklar, Default blocked.
  Script: `<script type="text/plain" data-saferpage-category="unklar" data-src="https://sites-stratus.zohostratus.eu/..."></script>`
  Iframe: `<iframe data-saferpage-category="unklar" data-src="https://sites-stratus.zohostratus.eu/..." src="about:blank" title="sites-stratus.zohostratus.eu"></iframe>`
  GTM: Fire only when event equals saferpage_consent_update and consent.unklar equals true.
- static.zohocdn.com (*.static.zohocdn.com): Kategorie unklar, Default blocked.
  Script: `<script type="text/plain" data-saferpage-category="unklar" data-src="https://static.zohocdn.com/..."></script>`
  Iframe: `<iframe data-saferpage-category="unklar" data-src="https://static.zohocdn.com/..." src="about:blank" title="static.zohocdn.com"></iframe>`
  GTM: Fire only when event equals saferpage_consent_update and consent.unklar equals true.
- studiosupernova.it (*.studiosupernova.it): Kategorie unklar, Default blocked.
  Script: `<script type="text/plain" data-saferpage-category="unklar" data-src="https://studiosupernova.it/..."></script>`
  Iframe: `<iframe data-saferpage-category="unklar" data-src="https://studiosupernova.it/..." src="about:blank" title="studiosupernova.it"></iframe>`
  GTM: Fire only when event equals saferpage_consent_update and consent.unklar equals true.
- x6oqj.mjt.lu (*.x6oqj.mjt.lu): Kategorie unklar, Default blocked.
  Script: `<script type="text/plain" data-saferpage-category="unklar" data-src="https://x6oqj.mjt.lu/..."></script>`
  Iframe: `<iframe data-saferpage-category="unklar" data-src="https://x6oqj.mjt.lu/..." src="about:blank" title="x6oqj.mjt.lu"></iframe>`
  GTM: Fire only when event equals saferpage_consent_update and consent.unklar equals true.
- zalb_8c3fb3ce21 (*.shop.heidelbaer.de): Kategorie unklar, Default blocked.
  Script: `<script type="text/plain" data-saferpage-category="unklar" data-src="https://shop.heidelbaer.de/..."></script>`
  Iframe: `<iframe data-saferpage-category="unklar" data-src="https://shop.heidelbaer.de/..." src="about:blank" title="zalb_8c3fb3ce21"></iframe>`
  GTM: Fire only when event equals saferpage_consent_update and consent.unklar equals true.
- zalb_f4e407ec5b (*.heidelbaer.de): Kategorie unklar, Default blocked.
  Script: `<script type="text/plain" data-saferpage-category="unklar" data-src="https://heidelbaer.de/..."></script>`
  Iframe: `<iframe data-saferpage-category="unklar" data-src="https://heidelbaer.de/..." src="about:blank" title="zalb_f4e407ec5b"></iframe>`
  GTM: Fire only when event equals saferpage_consent_update and consent.unklar equals true.
- zcgeo_location (*.shop.heidelbaer.de): Kategorie unklar, Default blocked.
  Script: `<script type="text/plain" data-saferpage-category="unklar" data-src="https://shop.heidelbaer.de/..."></script>`
  Iframe: `<iframe data-saferpage-category="unklar" data-src="https://shop.heidelbaer.de/..." src="about:blank" title="zcgeo_location"></iframe>`
  GTM: Fire only when event equals saferpage_consent_update and consent.unklar equals true.
- zsref (*.shop.heidelbaer.de): Kategorie unklar, Default blocked.
  Script: `<script type="text/plain" data-saferpage-category="unklar" data-src="https://shop.heidelbaer.de/..."></script>`
  Iframe: `<iframe data-saferpage-category="unklar" data-src="https://shop.heidelbaer.de/..." src="about:blank" title="zsref"></iframe>`
  GTM: Fire only when event equals saferpage_consent_update and consent.unklar equals true.

## Loader Snippet

```js
window.addEventListener('saferpage-consent-update', function(event) {
  var consent = event.detail || {};
  document.querySelectorAll('script[type="text/plain"][data-saferpage-category][data-src]').forEach(function(node) {
    var category = node.getAttribute('data-saferpage-category');
    if (!consent[category] || node.getAttribute('data-saferpage-loaded') === 'true') return;
    var script = document.createElement('script');
    Array.prototype.slice.call(node.attributes).forEach(function(attr) {
      if (attr.name === 'type' || attr.name === 'data-src' || attr.name === 'data-saferpage-category') return;
      script.setAttribute(attr.name, attr.value);
    });
    script.src = node.getAttribute('data-src');
    script.async = true;
    node.setAttribute('data-saferpage-loaded', 'true');
    node.parentNode.insertBefore(script, node.nextSibling);
  });
  document.querySelectorAll('iframe[data-saferpage-category][data-src]').forEach(function(node) {
    var category = node.getAttribute('data-saferpage-category');
    if (!consent[category] || node.src === node.getAttribute('data-src')) return;
    node.src = node.getAttribute('data-src');
  });
});
```

## GTM Setup
- 1. Consent Initialization: Default Consent Mode vor allen Marketing-/Analytics-Tags auf denied setzen.
- 2. Tag Trigger prüfen: Jeder nicht notwendige Tag braucht Kategoriebedingung aus saferpage_consent_update.
- 3. Unklassifizierte Tags blockieren: Neue oder unbekannte Dienste bleiben aus, bis Kategorie, Zweck und Rechtsgrundlage freigegeben sind.
- 4. Reject/GPC testen: Nach Ablehnen und GPC dürfen keine Marketing-/Analytics-/Embed-Tags nachladen.

## Placeholder
- visual_embeds: Videos, Karten, Captchas und Social Widgets mit Platzhalter anzeigen und erst nach Kategorie-Freigabe laden.
- copy: Dieser externe Inhalt ist blockiert, bis Sie die passende Datenschutz-Kategorie aktivieren.
- preview_limit: Keine externen Preview-Bilder laden, wenn diese bereits Drittanbieter-Kontakte auslösen.
