# Consent-Auto-Blocking für reformhaus.de

reformhaus.de: 31 Auto-Blocking-Regel(n) für Skripte, Iframes und Tag-Manager-Trigger aus SaferPage-Dienstsignalen.

> Auto-Blocking-Regeln sind Betreiber-Vorlagen. Produktivbetrieb braucht CMP-Freigabe, Tests je Consent-Zustand, CSP-/Tag-Manager-Abgleich und fachliche Freigabe.

## Regeln
- Google Fonts (*.fonts.googleapis.com): Kategorie externe_medien, Default blocked.
  Script: `<script type="text/plain" data-saferpage-category="externe_medien" data-src="https://fonts.googleapis.com/..."></script>`
  Iframe: `<iframe data-saferpage-category="externe_medien" data-src="https://fonts.googleapis.com/..." src="about:blank" title="Google Fonts"></iframe>`
  GTM: Fire only when event equals saferpage_consent_update and consent.externe_medien equals true.
- Google Fonts (*.fonts.gstatic.com): Kategorie externe_medien, Default blocked.
  Script: `<script type="text/plain" data-saferpage-category="externe_medien" data-src="https://fonts.gstatic.com/..."></script>`
  Iframe: `<iframe data-saferpage-category="externe_medien" data-src="https://fonts.gstatic.com/..." src="about:blank" title="Google Fonts"></iframe>`
  GTM: Fire only when event equals saferpage_consent_update and consent.externe_medien equals true.
- Google Tag Manager (*.googletagmanager.com): Kategorie marketing, Default blocked.
  Script: `<script type="text/plain" data-saferpage-category="marketing" data-src="https://googletagmanager.com/..."></script>`
  Iframe: `<iframe data-saferpage-category="marketing" data-src="https://googletagmanager.com/..." src="about:blank" title="Google Tag Manager"></iframe>`
  GTM: Fire only when event equals saferpage_consent_update and consent.marketing equals true.
- _shopify_marketing (*.reformhaus.de): Kategorie marketing, Default blocked.
  Script: `<script type="text/plain" data-saferpage-category="marketing" data-src="https://reformhaus.de/..."></script>`
  Iframe: `<iframe data-saferpage-category="marketing" data-src="https://reformhaus.de/..." src="about:blank" title="_shopify_marketing"></iframe>`
  GTM: Fire only when event equals saferpage_consent_update and consent.marketing equals true.
- _shopify_analytics (*.reformhaus.de): Kategorie statistik, Default blocked.
  Script: `<script type="text/plain" data-saferpage-category="statistik" data-src="https://reformhaus.de/..."></script>`
  Iframe: `<iframe data-saferpage-category="statistik" data-src="https://reformhaus.de/..." src="about:blank" title="_shopify_analytics"></iframe>`
  GTM: Fire only when event equals saferpage_consent_update and consent.statistik equals true.
- XSRF-TOKEN (*.connect.haendlerbund.de): Kategorie unklar, Default blocked.
  Script: `<script type="text/plain" data-saferpage-category="unklar" data-src="https://connect.haendlerbund.de/..."></script>`
  Iframe: `<iframe data-saferpage-category="unklar" data-src="https://connect.haendlerbund.de/..." src="about:blank" title="XSRF-TOKEN"></iframe>`
  GTM: Fire only when event equals saferpage_consent_update and consent.unklar equals true.
- __cf_bm (*.cdn.506.io): Kategorie unklar, Default blocked.
  Script: `<script type="text/plain" data-saferpage-category="unklar" data-src="https://cdn.506.io/..."></script>`
  Iframe: `<iframe data-saferpage-category="unklar" data-src="https://cdn.506.io/..." src="about:blank" title="__cf_bm"></iframe>`
  GTM: Fire only when event equals saferpage_consent_update and consent.unklar equals true.
- __kla_id (*.reformhaus.de): Kategorie unklar, Default blocked.
  Script: `<script type="text/plain" data-saferpage-category="unklar" data-src="https://reformhaus.de/..."></script>`
  Iframe: `<iframe data-saferpage-category="unklar" data-src="https://reformhaus.de/..." src="about:blank" title="__kla_id"></iframe>`
  GTM: Fire only when event equals saferpage_consent_update and consent.unklar equals true.
- _shop_app_essential (*.shop.app): Kategorie unklar, Default blocked.
  Script: `<script type="text/plain" data-saferpage-category="unklar" data-src="https://shop.app/..."></script>`
  Iframe: `<iframe data-saferpage-category="unklar" data-src="https://shop.app/..." src="about:blank" title="_shop_app_essential"></iframe>`
  GTM: Fire only when event equals saferpage_consent_update and consent.unklar equals true.
- _shopify_essential (*.reformhaus.de): Kategorie unklar, Default blocked.
  Script: `<script type="text/plain" data-saferpage-category="unklar" data-src="https://reformhaus.de/..."></script>`
  Iframe: `<iframe data-saferpage-category="unklar" data-src="https://reformhaus.de/..." src="about:blank" title="_shopify_essential"></iframe>`
  GTM: Fire only when event equals saferpage_consent_update and consent.unklar equals true.
- _shopify_s (*.reformhaus.de): Kategorie unklar, Default blocked.
  Script: `<script type="text/plain" data-saferpage-category="unklar" data-src="https://reformhaus.de/..."></script>`
  Iframe: `<iframe data-saferpage-category="unklar" data-src="https://reformhaus.de/..." src="about:blank" title="_shopify_s"></iframe>`
  GTM: Fire only when event equals saferpage_consent_update and consent.unklar equals true.
- _shopify_y (*.reformhaus.de): Kategorie unklar, Default blocked.
  Script: `<script type="text/plain" data-saferpage-category="unklar" data-src="https://reformhaus.de/..."></script>`
  Iframe: `<iframe data-saferpage-category="unklar" data-src="https://reformhaus.de/..." src="about:blank" title="_shopify_y"></iframe>`
  GTM: Fire only when event equals saferpage_consent_update and consent.unklar equals true.
- a.klaviyo.com (*.a.klaviyo.com): Kategorie unklar, Default blocked.
  Script: `<script type="text/plain" data-saferpage-category="unklar" data-src="https://a.klaviyo.com/..."></script>`
  Iframe: `<iframe data-saferpage-category="unklar" data-src="https://a.klaviyo.com/..." src="about:blank" title="a.klaviyo.com"></iframe>`
  GTM: Fire only when event equals saferpage_consent_update and consent.unklar equals true.
- assets.connect.haendlerbund.de (*.assets.connect.haendlerbund.de): Kategorie unklar, Default blocked.
  Script: `<script type="text/plain" data-saferpage-category="unklar" data-src="https://assets.connect.haendlerbund.de/..."></script>`
  Iframe: `<iframe data-saferpage-category="unklar" data-src="https://assets.connect.haendlerbund.de/..." src="about:blank" title="assets.connect.haendlerbund.de"></iframe>`
  GTM: Fire only when event equals saferpage_consent_update and consent.unklar equals true.
- cart_currency (*.reformhaus.de): Kategorie unklar, Default blocked.
  Script: `<script type="text/plain" data-saferpage-category="unklar" data-src="https://reformhaus.de/..."></script>`
  Iframe: `<iframe data-saferpage-category="unklar" data-src="https://reformhaus.de/..." src="about:blank" title="cart_currency"></iframe>`
  GTM: Fire only when event equals saferpage_consent_update and consent.unklar equals true.
- cartdrawer-prod.herokuapp.com (*.cartdrawer-prod.herokuapp.com): Kategorie unklar, Default blocked.
  Script: `<script type="text/plain" data-saferpage-category="unklar" data-src="https://cartdrawer-prod.herokuapp.com/..."></script>`
  Iframe: `<iframe data-saferpage-category="unklar" data-src="https://cartdrawer-prod.herokuapp.com/..." src="about:blank" title="cartdrawer-prod.herokuapp.com"></iframe>`
  GTM: Fire only when event equals saferpage_consent_update and consent.unklar equals true.
- cartdrawer.nyc3.cdn.digitaloceanspaces.com (*.cartdrawer.nyc3.cdn.digitaloceanspaces.com): Kategorie unklar, Default blocked.
  Script: `<script type="text/plain" data-saferpage-category="unklar" data-src="https://cartdrawer.nyc3.cdn.digitaloceanspaces.com/..."></script>`
  Iframe: `<iframe data-saferpage-category="unklar" data-src="https://cartdrawer.nyc3.cdn.digitaloceanspaces.com/..." src="about:blank" title="cartdrawer.nyc3.cdn.digitaloceanspaces.com"></iframe>`
  GTM: Fire only when event equals saferpage_consent_update and consent.unklar equals true.
- cdn.506.io (*.cdn.506.io): Kategorie unklar, Default blocked.
  Script: `<script type="text/plain" data-saferpage-category="unklar" data-src="https://cdn.506.io/..."></script>`
  Iframe: `<iframe data-saferpage-category="unklar" data-src="https://cdn.506.io/..." src="about:blank" title="cdn.506.io"></iframe>`
  GTM: Fire only when event equals saferpage_consent_update and consent.unklar equals true.
- cdn.shopify.com (*.cdn.shopify.com): Kategorie unklar, Default blocked.
  Script: `<script type="text/plain" data-saferpage-category="unklar" data-src="https://cdn.shopify.com/..."></script>`
  Iframe: `<iframe data-saferpage-category="unklar" data-src="https://cdn.shopify.com/..." src="about:blank" title="cdn.shopify.com"></iframe>`
  GTM: Fire only when event equals saferpage_consent_update and consent.unklar equals true.
- connect.haendlerbund.de (*.connect.haendlerbund.de): Kategorie unklar, Default blocked.
  Script: `<script type="text/plain" data-saferpage-category="unklar" data-src="https://connect.haendlerbund.de/..."></script>`
  Iframe: `<iframe data-saferpage-category="unklar" data-src="https://connect.haendlerbund.de/..." src="about:blank" title="connect.haendlerbund.de"></iframe>`
  GTM: Fire only when event equals saferpage_consent_update and consent.unklar equals true.
- consent.cookiebot.com (*.consent.cookiebot.com): Kategorie unklar, Default blocked.
  Script: `<script type="text/plain" data-saferpage-category="unklar" data-src="https://consent.cookiebot.com/..."></script>`
  Iframe: `<iframe data-saferpage-category="unklar" data-src="https://consent.cookiebot.com/..." src="about:blank" title="consent.cookiebot.com"></iframe>`
  GTM: Fire only when event equals saferpage_consent_update and consent.unklar equals true.
- consentcdn.cookiebot.com (*.consentcdn.cookiebot.com): Kategorie unklar, Default blocked.
  Script: `<script type="text/plain" data-saferpage-category="unklar" data-src="https://consentcdn.cookiebot.com/..."></script>`
  Iframe: `<iframe data-saferpage-category="unklar" data-src="https://consentcdn.cookiebot.com/..." src="about:blank" title="consentcdn.cookiebot.com"></iframe>`
  GTM: Fire only when event equals saferpage_consent_update and consent.unklar equals true.
- fast.a.klaviyo.com (*.fast.a.klaviyo.com): Kategorie unklar, Default blocked.
  Script: `<script type="text/plain" data-saferpage-category="unklar" data-src="https://fast.a.klaviyo.com/..."></script>`
  Iframe: `<iframe data-saferpage-category="unklar" data-src="https://fast.a.klaviyo.com/..." src="about:blank" title="fast.a.klaviyo.com"></iframe>`
  GTM: Fire only when event equals saferpage_consent_update and consent.unklar equals true.
- localization (*.reformhaus.de): Kategorie unklar, Default blocked.
  Script: `<script type="text/plain" data-saferpage-category="unklar" data-src="https://reformhaus.de/..."></script>`
  Iframe: `<iframe data-saferpage-category="unklar" data-src="https://reformhaus.de/..." src="about:blank" title="localization"></iframe>`
  GTM: Fire only when event equals saferpage_consent_update and consent.unklar equals true.
- monorail-edge.shopifysvc.com (*.monorail-edge.shopifysvc.com): Kategorie unklar, Default blocked.
  Script: `<script type="text/plain" data-saferpage-category="unklar" data-src="https://monorail-edge.shopifysvc.com/..."></script>`
  Iframe: `<iframe data-saferpage-category="unklar" data-src="https://monorail-edge.shopifysvc.com/..." src="about:blank" title="monorail-edge.shopifysvc.com"></iframe>`
  GTM: Fire only when event equals saferpage_consent_update and consent.unklar equals true.
- otlp-http-production.shopifysvc.com (*.otlp-http-production.shopifysvc.com): Kategorie unklar, Default blocked.
  Script: `<script type="text/plain" data-saferpage-category="unklar" data-src="https://otlp-http-production.shopifysvc.com/..."></script>`
  Iframe: `<iframe data-saferpage-category="unklar" data-src="https://otlp-http-production.shopifysvc.com/..." src="about:blank" title="otlp-http-production.shopifysvc.com"></iframe>`
  GTM: Fire only when event equals saferpage_consent_update and consent.unklar equals true.
- shopify_client_id (*.reformhaus.de): Kategorie unklar, Default blocked.
  Script: `<script type="text/plain" data-saferpage-category="unklar" data-src="https://reformhaus.de/..."></script>`
  Iframe: `<iframe data-saferpage-category="unklar" data-src="https://reformhaus.de/..." src="about:blank" title="shopify_client_id"></iframe>`
  GTM: Fire only when event equals saferpage_consent_update and consent.unklar equals true.
- sst.reformhaus.de (*.sst.reformhaus.de): Kategorie unklar, Default blocked.
  Script: `<script type="text/plain" data-saferpage-category="unklar" data-src="https://sst.reformhaus.de/..."></script>`
  Iframe: `<iframe data-saferpage-category="unklar" data-src="https://sst.reformhaus.de/..." src="about:blank" title="sst.reformhaus.de"></iframe>`
  GTM: Fire only when event equals saferpage_consent_update and consent.unklar equals true.
- static-tracking.klaviyo.com (*.static-tracking.klaviyo.com): Kategorie unklar, Default blocked.
  Script: `<script type="text/plain" data-saferpage-category="unklar" data-src="https://static-tracking.klaviyo.com/..."></script>`
  Iframe: `<iframe data-saferpage-category="unklar" data-src="https://static-tracking.klaviyo.com/..." src="about:blank" title="static-tracking.klaviyo.com"></iframe>`
  GTM: Fire only when event equals saferpage_consent_update and consent.unklar equals true.
- static.devit.software (*.static.devit.software): Kategorie unklar, Default blocked.
  Script: `<script type="text/plain" data-saferpage-category="unklar" data-src="https://static.devit.software/..."></script>`
  Iframe: `<iframe data-saferpage-category="unklar" data-src="https://static.devit.software/..." src="about:blank" title="static.devit.software"></iframe>`
  GTM: Fire only when event equals saferpage_consent_update and consent.unklar equals true.
- static.klaviyo.com (*.static.klaviyo.com): Kategorie unklar, Default blocked.
  Script: `<script type="text/plain" data-saferpage-category="unklar" data-src="https://static.klaviyo.com/..."></script>`
  Iframe: `<iframe data-saferpage-category="unklar" data-src="https://static.klaviyo.com/..." src="about:blank" title="static.klaviyo.com"></iframe>`
  GTM: Fire only when event equals saferpage_consent_update and consent.unklar equals true.

## Loader Snippet

```js
window.addEventListener('saferpage-consent-update', function(event) {
  var consent = event.detail || {};
  document.querySelectorAll('script[type="text/plain"][data-saferpage-category][data-src]').forEach(function(node) {
    var category = node.getAttribute('data-saferpage-category');
    if (!consent[category] || node.getAttribute('data-saferpage-loaded') === 'true') return;
    var script = document.createElement('script');
    Array.prototype.slice.call(node.attributes).forEach(function(attr) {
      if (attr.name === 'type' || attr.name === 'data-src' || attr.name === 'data-saferpage-category') return;
      script.setAttribute(attr.name, attr.value);
    });
    script.src = node.getAttribute('data-src');
    script.async = true;
    node.setAttribute('data-saferpage-loaded', 'true');
    node.parentNode.insertBefore(script, node.nextSibling);
  });
  document.querySelectorAll('iframe[data-saferpage-category][data-src]').forEach(function(node) {
    var category = node.getAttribute('data-saferpage-category');
    if (!consent[category] || node.src === node.getAttribute('data-src')) return;
    node.src = node.getAttribute('data-src');
  });
});
```

## GTM Setup
- 1. Consent Initialization: Default Consent Mode vor allen Marketing-/Analytics-Tags auf denied setzen.
- 2. Tag Trigger prüfen: Jeder nicht notwendige Tag braucht Kategoriebedingung aus saferpage_consent_update.
- 3. Unklassifizierte Tags blockieren: Neue oder unbekannte Dienste bleiben aus, bis Kategorie, Zweck und Rechtsgrundlage freigegeben sind.
- 4. Reject/GPC testen: Nach Ablehnen und GPC dürfen keine Marketing-/Analytics-/Embed-Tags nachladen.

## Placeholder
- visual_embeds: Videos, Karten, Captchas und Social Widgets mit Platzhalter anzeigen und erst nach Kategorie-Freigabe laden.
- copy: Dieser externe Inhalt ist blockiert, bis Sie die passende Datenschutz-Kategorie aktivieren.
- preview_limit: Keine externen Preview-Bilder laden, wenn diese bereits Drittanbieter-Kontakte auslösen.