-
Notifications
You must be signed in to change notification settings - Fork 2.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ConsentManagement: detect __cmp in window.top #2626
Conversation
I would actually replace this to: var __cmpFunc = window.__cmp || window.top.__cmp;
if ( __cmpFunc ) ... |
@YOzaz your example would throw an exception in an unfriendly iframe. |
Oh come on: var __cmpFunc = null;
try {
__cmpFunc = window.__cmp || window.top.__cmp;
} catch(e) { /** Silence is golden **/ }
if (utils.isFn(__cmpFunc)) ... You can actually do |
Shouldn't QuantCast just become compliant with the CMP spec? |
@mkendall07 good point! |
@YOzaz may be simple, but still worth mentioning. @mkendall07 that's what I said in "other information" but considering it's an easy enough modification, I think Prebid.js should cover it, just in case. Because right now publishers/ad networks have to create a proxy for the |
@mkendall07 but even official example on Prebid.og docs doesn't inject an iframe :) from my point of view, this PR is quite logical, but I'd rewrite it like this: let cmpFunc = null;
try {
cmpFunc = window.__cmp || window.top.__cmp;
} catch(e) {}
if (utils.isFn(cmpFunc)) {
cmpFunc('getConsentData', null, callbackHandler.consentDataCallback);
cmpFunc('getVendorConsents', null, callbackHandler.vendorConsentsCallback);
} else if (inASafeFrame() && typeof window.$sf.ext.cmp === 'function') {
callCmpWhileInSafeFrame('getConsentData', callbackHandler.consentDataCallback);
callCmpWhileInSafeFrame('getVendorConsents', callbackHandler.vendorConsentsCallback);
} else {
// find the CMP frame
let f = window;
let cmpFrame;
while (!cmpFrame) {
try {
if (f.frames['__cmpLocator']) cmpFrame = f;
} catch (e) {}
if (f === window.top) break;
f = f.parent;
}
callCmpWhileInIframe('getConsentData', cmpFrame, callbackHandler.consentDataCallback);
callCmpWhileInIframe('getVendorConsents', cmpFrame, callbackHandler.vendorConsentsCallback);
} Difference: no duplicated code. |
@YOzaz |
@mkendall07 sorry, my bad. It's there now. |
Credits to @YOzaz
PR updated. |
@benjaminclot and all, thanks for the conversation/feedback here. I think the updated code may be more ideal here, I'll start testing it out in a bit. @benjaminclot Can you please take a look at/fix the lint errors in the Travis job that failed in the meantime? |
@jsnellbaker fixed. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
@mkendall07 actually, it's not there - I was referring to this example: http://prebid.org/dev-docs/modules/consentManagement.html#publishers-not-using-an-iab-compliant-cmp. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
* ConsentManagement: detect __cmp in window.top * Lighter modification Credits to @YOzaz * typo * fixed spaces
* ConsentManagement: detect __cmp in window.top * Lighter modification Credits to @YOzaz * typo * fixed spaces
* ConsentManagement: detect __cmp in window.top * Lighter modification Credits to @YOzaz * typo * fixed spaces
Type of change
Description of change
At least one CMP (QuantCast, not to name it) doesn't create the
__cmpLocator
iFrame, so that when prebid is loaded from inside an iFrame it can't locate the CMP. This PR tries to detect ifwindow.top.__cmp
exists (after checking ifwindow.top
is accessible) and use it. If not, an error is returned.Other information
While I'm aware that this should be fixed on the CMP level, adding this detection isn't too much of a hassle.