GTM Data Layer Names containing spaces cause syntax errors

  • Tom J Nowell

    (@tjnowell)


    3 weeks, 5 days ago

    In src/view/frontend/scripts/google-consent-mode-js.php this code is used to print out the GTM script:

    ?>
    <script<?php echo ! $consent_attribute ? '' : ' data-cookieconsent="' . esc_attr( $consent_attribute ) . '"'; ?>>
    	window.<?php echo esc_js( $data_layer ); ?> = window.<?php echo esc_js( $data_layer ); ?> || [];
    	function gtag() {
    		<?php echo esc_js( $data_layer ); ?>.push(arguments);
    	}
    	gtag("consent", "default", {

    However if $data_layer contains spaces those are not removed by esc_js and make it through causing a syntax error, e.g.:

    <!DOCTYPE html>
    <html lang="en-US">
    <head>
    	<meta charset="UTF-8" />
    	<script data-cookieconsent="ignore">
    	window.test data layer = window.test data layer || [];
    	function gtag() {
    		test data layer.push(arguments);
    	}

    Instead of using esc_js it would be safer to do something like this beforehand:

    	$data_layer = preg_replace( '/[^a-z0-9_]/i', '', $data_layer );
    • This topic was modified 3 weeks, 5 days ago by Tom J Nowell.
Viewing 1 replies (of 1 total)
  • Thread Starter Tom J Nowell

    (@tjnowell)

    3 weeks, 5 days ago

    Noting I’ve searched for a Github repo to make a PR against for this fix but haven’t found anything

Viewing 1 replies (of 1 total)
  • You must be logged in to reply to this topic.