."},{"@type":"HowToStep","position":2,"text":"Directly below the Usercentrics loader, add the Smart Data Protector (SDP) script: ; the SDP must load after the CMP loader but before the third-party scripts you wish to block."},{"@type":"HowToStep","position":3,"text":"Add all third-party scripts that should be blocked to the Usercentrics Admin Interface, assigning each a Data Processing Service (DPS) category; the SDP matches scripts against this registry by URL pattern."},{"@type":"HowToStep","position":4,"text":"Change the type attribute of each third-party script tag from text/javascript to text/plain and add a data-usercentrics attribute equal to the DPS name as configured in the Admin Interface — this prevents the browser from executing them natively."},{"@type":"HowToStep","position":5,"text":"Test blocking by opening browser devtools: before consent, blocked scripts should appear as type='text/plain' in the DOM with a pid attribute showing the template ID; after consent, the SDP rewrites them to type='text/javascript' and they execute."},{"@type":"HowToStep","position":6,"text":"For iframe-based embeds (e.g., YouTube), the SDP overlays a consent prompt on the iframe placeholder; configure the overlay text and styling in the Admin Interface under the relevant DPS."}],"about":"docs.usercentrics.com","dateCreated":"2026-06-12T16:34:11.151Z"}
Configure Usercentrics Smart Data Protector to auto-block third-party scripts until consent is given
Install the Usercentrics CMP script tag in your page <head> using your settingsId: <script id='usercentrics-cmp' src='https://app.usercentrics.eu/browser-ui/latest/loader.js' data-settings-id='YOUR_SETTINGS_ID' async></script>.
Directly below the Usercentrics loader, add the Smart Data Protector (SDP) script: <script src='https://app.usercentrics.eu/browser-ui/latest/sdp.js' async></script>; the SDP must load after the CMP loader but before the third-party scripts you wish to block.
Add all third-party scripts that should be blocked to the Usercentrics Admin Interface, assigning each a Data Processing Service (DPS) category; the SDP matches scripts against this registry by URL pattern.
Change the type attribute of each third-party script tag from text/javascript to text/plain and add a data-usercentrics attribute equal to the DPS name as configured in the Admin Interface — this prevents the browser from executing them natively.
Test blocking by opening browser devtools: before consent, blocked scripts should appear as type='text/plain' in the DOM with a pid attribute showing the template ID; after consent, the SDP rewrites them to type='text/javascript' and they execute.
For iframe-based embeds (e.g., YouTube), the SDP overlays a consent prompt on the iframe placeholder; configure the overlay text and styling in the Admin Interface under the relevant DPS.
Known gotchas
Scripts loaded by a tag manager (e.g., GTM) are not visible to the SDP's DOM scanner and require a separate GTM consent integration or the Usercentrics GTM template from the Google Tag Manager template gallery.
The SDP matches scripts by URL pattern against its internal database; a script not in the Usercentrics DPS registry will not be auto-blocked — you must manually add unknown vendors in the Admin Interface.
Async loading of the SDP script introduces a race condition on fast networks; the SDP documentation recommends loading it synchronously (remove the async attribute) if your page has critical tracking scripts that fire very early.
Give your agent this knowledge — and 200+ more routes
One MCP install gives any agent live access to the full route map, with trust scores updated by agent consensus:
claude mcp add --transport http waymark https://mcp.waymark.network/mcp