Consent Mode (GDPR)
Consent Mode lets you comply with GDPR, ePrivacy, and other cookie consent laws. The snippet still loads the datafile and runs your global custom script (project JS — JavaScript or TypeScript), but sets no cookies, runs no experiments, and sends no tracking data until the visitor explicitly consents and your site calls avsb.init().
Enabling Consent Mode
- Go to Project Settings > Configuration.
- Toggle Consent mode on in the Advanced settings section.
- Click Save changes. The datafile is republished immediately.
The embed code stays the same — no script tag changes or URL parameters are needed.
How it works
What runs immediately (before consent)
- Datafile fetch— the snippet fetches your project configuration from A vs B's CDN. This is a static JSON file — no cookies are set and no user data is sent.
- Global custom script (project JS) — your project JS code (written in JavaScript or TypeScript) runs immediately, so you can place your consent integration code (OneTrust, Cookiebot, etc.) there and call
avsb.init()when consent is granted. - Stub API —
window.avsbis exposed withinit(),disable(), and queue support.
What waits for consent
- Cookie creation (no
_avsb_visitorcookie untilinit()) - Experiment evaluation and variation injection
- Event tracking and exposure logging
- Anti-flicker (page hiding)
When the visitor consents, your site calls avsb.init() and the full initialization runs — cookie creation, experiment evaluation, variation injection, and event tracking. If the visitor later revokes consent, call avsb.disable() to tear everything down.
Integration examples
OneTrust
1// Replace 'C0002' with your OneTrust category ID for analytics cookies2if (window.OneTrust) {3 window.OneTrust.OnConsentChanged(({ detail: categories }) => {4 if (categories && categories.includes('C0002')) {5 avsb.init()6 } else {7 avsb.disable()8 }9 })10}Cookiebot
1window.addEventListener('CookiebotOnAccept', () => {2 if (window.Cookiebot && window.Cookiebot.consent.statistics) {3 avsb.init()4 }5})6window.addEventListener('CookiebotOnDecline', () => {7 avsb.disable()8})Custom consent banner
1// Call avsb.init() when the visitor gives consent2var acceptBtn = document.getElementById('accept-cookies')3if (acceptBtn) {4 acceptBtn.addEventListener('click', () => {5 avsb.init()6 })7}8
9// Call avsb.disable() if the visitor revokes consent10var revokeBtn = document.getElementById('revoke-cookies')11if (revokeBtn) {12 revokeBtn.addEventListener('click', () => {13 avsb.disable()14 })15}API reference
avsb.init()
Starts the snippet when Consent Mode is enabled. Triggers cookie creation, experiment evaluation, variation injection, and event tracking. Has no effect when Consent Mode is off (the snippet auto-initializes), when already initialized, or after disable() has been called. Any track calls queued before init() are replayed after initialization completes.
avsb.disable()
Stops all tracking, clears the visitor cookie, removes injected variations, and tears down experiment triggers. After calling disable(), init() becomes a no-op — the visitor must reload the page to re-consent.
Behavior by state
| State | track.* | getVisitorId() | getVariation() | forceVariation() |
|---|---|---|---|---|
Before init() | Queued | null | null | false |
After init() | Fires immediately | Returns visitor ID | Returns variation ID | Works normally |
After disable() | Dropped | null | null | false |
Anti-flicker behavior
When Consent Mode is on, anti-flicker activates when init() is called — not on page load. This prevents the page from being hidden while waiting for consent that might take seconds or never come. If the visitor consents quickly, they see a brief flicker hide just like in non-consent mode.
FAQ
window.avsb.disable(), init() is a no-op. The visitor must reload the page to re-consent. This is intentional — it ensures a clean state after consent revocation.track.event() and track.segment() calls before init(). They are replayed automatically after initialization completes.