Quick start
Paste the snippet, pick a blocking mode, ship.
Default load
After sign-up you get a data-site-id on the site settings page (format cl_...). Paste the snippet into <head>:
<script
async
src="https://cdn.cookielint.com/banner/banner.boot.js"
data-site-id="cl_..."
></script>The boot script installs the blocking engine before any later script on the page can fire trackers, then lazy-loads the chunked banner module for the UI, TCF encoder, GPP encoder, and preferences modal. async here means the boot fetches in parallel with HTML parsing; it does not block first paint. For zero pre-consent leak on sites with inline tracker tags, use strict mode below.
Strict load (zero pre-consent leak)
Drop async and add data-blocking-mode="strict":
<script
src="https://cdn.cookielint.com/banner/banner.boot.js"
data-site-id="cl_..."
data-blocking-mode="strict"
></script>Without async, the boot script blocks the HTML parser until it has installed the blocking engine. Any later script on the page (inline or external) then runs through the blocking hooks, so non-essential trackers cannot fire before the visitor decides. Trade-off: ~6 KB of blocking JS is fetched before the parser resumes, which adds a small first-paint cost on cold cache.
Next steps
The snippet | Every supported attribute on the loader tag. |
Service worker | Catch requests that fire before any JavaScript runs. Recommended for highest coverage. |
JavaScript API | Subscribe to consent, open preferences, identify users, replay on grant. |
Continue to The snippet for the full attribute list.