Drupal Platform

Drupal offers multiple ways to add CookieScan. This guide covers the three most reliable approaches: using the Asset Injector module, editing your theme's html.html.twig, or via Google Tag Manager.

Before you start

You will need:

1. An active CookieScan subscription (view plans)
2. Your banner installation code from the CookieScan dashboard (Cookie Banner → Install Code)
3. Administrator access to your Drupal site
4. For Method 2: access to your theme files (via FTP/SSH)

The install code looks like this:

<script src="https://banner.cookiescan.com/js?id=YOUR-COOKIESCAN-ID"></script>

Replace YOUR-COOKIESCAN-ID with the code from your dashboard.

Method 1: Asset Injector module (recommended)

The Asset Injector module lets you add scripts site-wide through the admin with no file editing.

Step 1 – Install Asset Injector

1. Go to Extend → + Install new module
2. Download Asset Injector from drupal.org/project/asset_injector
3. Install and enable it (including the JS Injector sub-module)

Or via Composer:

composer require drupal/asset_injector
drush en asset_injector

Step 2 – Add your CookieScan script

1. Go to Configuration → Development → Asset Injector → JS Injector
2. Click + Add JS Injector
3. Fill in:
   • Label: CookieScan Banner
   • Code: paste the following (note: do NOT include the script tag wrapper, just the JS):

     var cs = document.createElement('script');
     cs.src = 'https://banner.cookiescan.com/js?id=YOUR-COOKIESCAN-ID';
     document.getElementsByTagName('head')[0].appendChild(cs);

   • Preprocess: uncheck this box (we want the script loaded first, not bundled)
   • Header: check this box (loads in <head>)
   • Nodes: leave empty to load on all pages
4. Click Save
5. Clear Drupal cache: Configuration → Performance → Clear all caches

Method 2: Edit html.html.twig (for theme developers)

Best if you want the script committed to your theme and deployed via version control.

Step 1 – Locate the file

Copy core/modules/system/templates/html.html.twig to your custom theme's templates directory (if it doesn't exist there already).

Step 2 – Add the CookieScan script

Open the copied html.html.twig and find the <head> section. Add your script right after the opening tag:

<head>
  <script src="https://banner.cookiescan.com/js?id=YOUR-COOKIESCAN-ID"></script>
  <head-placeholder token="{{ placeholder_token }}">
  <title>{{ head_title|safe_join(' | ') }}</title>
  ...

Step 3 – Clear cache

drush cr

Or via the admin: Configuration → Performance → Clear all caches.

Method 3: Install via Google Tag Manager

If GTM is already on your Drupal site (via the Google Tag module or manually):

1. In CookieScan, open Cookie Banner → Install Code and switch to the Google Tag Manager Install tab
2. Copy your CookieScan ID
3. In GTM, go to Templates → Search Gallery and add the CookieScan template
4. Create a tag using the template, paste your ID
5. Trigger: Consent Initialization – All Pages
6. Submit and publish

Disable Drupal's EU Cookie Compliance module (if installed)

If you have the EU Cookie Compliance module enabled, it will conflict with CookieScan. Disable it:

1. Go to Extend
2. Find EU Cookie Compliance, uncheck it, and click Uninstall

Verify the installation

1. Visit your site in a new incognito window
2. The CookieScan banner should appear
3. Open DevTools (F12) → Network tab → filter by cookiescan
4. Confirm banner.cookiescan.com loads

What happens next

• CookieScan scans your site for all cookies (including those from Drupal modules like Webform, Views AJAX, etc.)
• Detected cookies appear in Cookie Manager → Unclassified – categorise them
• The banner blocks non-essential cookies until user consent
• Every decision is logged for compliance auditing

Troubleshooting

Banner not appearing

• Clear all caches: drush cr or Configuration → Performance → Clear all caches
• Check if aggregated CSS/JS is enabled – it may be bundling your script. Try unchecking Preprocess in the JS Injector
• View page source and confirm the script is in the <head>

Script loading in wrong location

• Make sure the Header option is checked in JS Injector
• If using Method 2, verify your theme's html.html.twig override is being picked up

Conflicts with cached content

• Purge Varnish/CDN caches
• Disable Drupal's Internal Page Cache temporarily to test

Full documentation

For detailed setup help, see the support guide linked in your CookieScan dashboard, or visit our support guides.