# Consent-Auto-Blocking für heks.ch heks.ch: 29 Auto-Blocking-Regel(n) für Skripte, Iframes und Tag-Manager-Trigger aus SaferPage-Dienstsignalen. > Auto-Blocking-Regeln sind Betreiber-Vorlagen. Produktivbetrieb braucht CMP-Freigabe, Tests je Consent-Zustand, CSP-/Tag-Manager-Abgleich und fachliche Freigabe. ## Regeln - Google Fonts (*.fonts.gstatic.com): Kategorie externe_medien, Default blocked. Script: `` Iframe: `` GTM: Fire only when event equals saferpage_consent_update and consent.externe_medien equals true. - Google Fonts (*.fonts.googleapis.com): Kategorie externe_medien, Default blocked. Script: `` Iframe: `` GTM: Fire only when event equals saferpage_consent_update and consent.externe_medien equals true. - Google Tag Manager (*.googletagmanager.com): Kategorie marketing, Default blocked. Script: `` Iframe: `` GTM: Fire only when event equals saferpage_consent_update and consent.marketing equals true. - Meta/Facebook (*.connect.facebook.net): Kategorie marketing, Default blocked. Script: `` Iframe: `` GTM: Fire only when event equals saferpage_consent_update and consent.marketing equals true. - Meta/Facebook (*.facebook.com): Kategorie marketing, Default blocked. Script: `` Iframe: `` GTM: Fire only when event equals saferpage_consent_update and consent.marketing equals true. - Vimeo (*.player.vimeo.com): Kategorie marketing, Default blocked. Script: `` Iframe: `` GTM: Fire only when event equals saferpage_consent_update and consent.marketing equals true. - YouTube (*.youtube.com): Kategorie marketing, Default blocked. Script: `` Iframe: `` GTM: Fire only when event equals saferpage_consent_update and consent.marketing equals true. - ads.madlab.ch (*.ads.madlab.ch): Kategorie marketing, Default blocked. Script: `` Iframe: `` GTM: Fire only when event equals saferpage_consent_update and consent.marketing equals true. - C (*.adform.net): Kategorie unklar, Default blocked. Script: `` Iframe: `` GTM: Fire only when event equals saferpage_consent_update and consent.unklar equals true. - CookieScriptConsent (*.heks.ch): Kategorie unklar, Default blocked. Script: `` Iframe: `` GTM: Fire only when event equals saferpage_consent_update and consent.unklar equals true. - VISITOR_INFO1_LIVE (*.youtube.com): Kategorie unklar, Default blocked. Script: `` Iframe: `` GTM: Fire only when event equals saferpage_consent_update and consent.unklar equals true. - VISITOR_PRIVACY_METADATA (*.youtube.com): Kategorie unklar, Default blocked. Script: `` Iframe: `` GTM: Fire only when event equals saferpage_consent_update and consent.unklar equals true. - YSC (*.youtube.com): Kategorie unklar, Default blocked. Script: `` Iframe: `` GTM: Fire only when event equals saferpage_consent_update and consent.unklar equals true. - __Secure-ROLLOUT_TOKEN (*.youtube.com): Kategorie unklar, Default blocked. Script: `` Iframe: `` GTM: Fire only when event equals saferpage_consent_update and consent.unklar equals true. - __Secure-YNID (*.youtube.com): Kategorie unklar, Default blocked. Script: `` Iframe: `` GTM: Fire only when event equals saferpage_consent_update and consent.unklar equals true. - __cf_bm (*.vimeo.com): Kategorie unklar, Default blocked. Script: `` Iframe: `` GTM: Fire only when event equals saferpage_consent_update and consent.unklar equals true. - _cfuvid (*.vimeo.com): Kategorie unklar, Default blocked. Script: `` Iframe: `` GTM: Fire only when event equals saferpage_consent_update and consent.unklar equals true. - akipo1.heks.ch (*.akipo1.heks.ch): Kategorie unklar, Default blocked. Script: `` Iframe: `` GTM: Fire only when event equals saferpage_consent_update and consent.unklar equals true. - consent.cookie-script.com (*.consent.cookie-script.com): Kategorie unklar, Default blocked. Script: `` Iframe: `` GTM: Fire only when event equals saferpage_consent_update and consent.unklar equals true. - diffuser-cdn.app-us1.com (*.diffuser-cdn.app-us1.com): Kategorie unklar, Default blocked. Script: `` Iframe: `` GTM: Fire only when event equals saferpage_consent_update and consent.unklar equals true. - geo.cookie-script.com (*.geo.cookie-script.com): Kategorie unklar, Default blocked. Script: `` Iframe: `` GTM: Fire only when event equals saferpage_consent_update and consent.unklar equals true. - jctr_sid (*.heks.ch): Kategorie unklar, Default blocked. Script: `` Iframe: `` GTM: Fire only when event equals saferpage_consent_update and consent.unklar equals true. - jts-rw (*.heks.ch): Kategorie unklar, Default blocked. Script: `` Iframe: `` GTM: Fire only when event equals saferpage_consent_update and consent.unklar equals true. - s2.adform.net (*.s2.adform.net): Kategorie unklar, Default blocked. Script: `` Iframe: `` GTM: Fire only when event equals saferpage_consent_update and consent.unklar equals true. - script.crazyegg.com (*.script.crazyegg.com): Kategorie unklar, Default blocked. Script: `` Iframe: `` GTM: Fire only when event equals saferpage_consent_update and consent.unklar equals true. - servedby.flashtalking.com (*.servedby.flashtalking.com): Kategorie unklar, Default blocked. Script: `` Iframe: `` GTM: Fire only when event equals saferpage_consent_update and consent.unklar equals true. - static.readpeak.com (*.static.readpeak.com): Kategorie unklar, Default blocked. Script: `` Iframe: `` GTM: Fire only when event equals saferpage_consent_update and consent.unklar equals true. - track.adform.net (*.track.adform.net): Kategorie unklar, Default blocked. Script: `` Iframe: `` GTM: Fire only when event equals saferpage_consent_update and consent.unklar equals true. - uid (*.adform.net): Kategorie unklar, Default blocked. Script: `` Iframe: `` GTM: Fire only when event equals saferpage_consent_update and consent.unklar equals true. ## Loader Snippet ```js window.addEventListener('saferpage-consent-update', function(event) { var consent = event.detail || {}; document.querySelectorAll('script[type="text/plain"][data-saferpage-category][data-src]').forEach(function(node) { var category = node.getAttribute('data-saferpage-category'); if (!consent[category] || node.getAttribute('data-saferpage-loaded') === 'true') return; var script = document.createElement('script'); Array.prototype.slice.call(node.attributes).forEach(function(attr) { if (attr.name === 'type' || attr.name === 'data-src' || attr.name === 'data-saferpage-category') return; script.setAttribute(attr.name, attr.value); }); script.src = node.getAttribute('data-src'); script.async = true; node.setAttribute('data-saferpage-loaded', 'true'); node.parentNode.insertBefore(script, node.nextSibling); }); document.querySelectorAll('iframe[data-saferpage-category][data-src]').forEach(function(node) { var category = node.getAttribute('data-saferpage-category'); if (!consent[category] || node.src === node.getAttribute('data-src')) return; node.src = node.getAttribute('data-src'); }); }); ``` ## GTM Setup - 1. Consent Initialization: Default Consent Mode vor allen Marketing-/Analytics-Tags auf denied setzen. - 2. Tag Trigger prüfen: Jeder nicht notwendige Tag braucht Kategoriebedingung aus saferpage_consent_update. - 3. Unklassifizierte Tags blockieren: Neue oder unbekannte Dienste bleiben aus, bis Kategorie, Zweck und Rechtsgrundlage freigegeben sind. - 4. Reject/GPC testen: Nach Ablehnen und GPC dürfen keine Marketing-/Analytics-/Embed-Tags nachladen. ## Placeholder - visual_embeds: Videos, Karten, Captchas und Social Widgets mit Platzhalter anzeigen und erst nach Kategorie-Freigabe laden. - copy: Dieser externe Inhalt ist blockiert, bis Sie die passende Datenschutz-Kategorie aktivieren. - preview_limit: Keine externen Preview-Bilder laden, wenn diese bereits Drittanbieter-Kontakte auslösen.