Cookie declaration and accessibility (EU directives)
Our org is starting to get up to date with the EU directives for cookies and (as a public institution) accessibility, for our internal sites. We've been prioritizing public-facing sites, but now we need to get the internal up-to-code as well.
I'm trying to get an overview of which cookies the portal stores ootb, as we need to describe the type, purpose etc of each one. I see the session cookies
CPAuth, which sounds like cookies used to authenticate, but why are there two, and what is the difference? And what is the last
NSC* cookie for?
And in local storage I see all the
sessionTimer.LastActivityTime - all self-explanatory. Can there be any other cookies here?
In session storage I have
nodes.all as well as
viewPanels.all, which are related to the rendered navigation. Can there be any other cookies here?
Furthermore, as a public institution, we have to live up to the accessibility directive, specifically implementing WCAG 2.1, which I unfortunately don't see on the roadmap. How far along is Cireson with accessibility? Is it coming? WAVE is giving me a whole bunch of errors and alerts - a number of these we can fix with custom.js, but it would be nice to have accessibility thought into the design itself, such as alt text for fa icons, form labels, etc.