Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Set cookie domain in pubcid / userid on main domain, not subdomain #5500

Merged
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
30 changes: 30 additions & 0 deletions modules/pubCommonIdSystem.js
Original file line number Diff line number Diff line change
Expand Up @@ -7,11 +7,14 @@

import * as utils from '../src/utils.js';
import {submodule} from '../src/hook.js';
import {getStorageManager} from '../src/storageManager.js';

const PUB_COMMON_ID = 'PublisherCommonId';

const MODULE_NAME = 'pubCommonId';

const storage = getStorageManager(null, 'pubCommonId');

/** @type {Submodule} */
export const pubCommonIdSubmodule = {
/**
Expand Down Expand Up @@ -90,6 +93,33 @@ export const pubCommonIdSubmodule = {
const callback = this.makeCallback(pixelUrl, storedId);
return callback ? {callback: callback} : {id: storedId};
}
},

/**
* @param {string} domain
* @param {HTMLDocument} document
* @return {(string|undefined)}
*/
domainOverride: function () {
idettman marked this conversation as resolved.
Show resolved Hide resolved
const domainElements = document.domain.split('.');
const cookieName = `_gd${Date.now()}`;
for (let i = 0, topDomain; i < domainElements.length; i++) {
const nextDomain = domainElements.slice(i).join('.');

// write test cookie
storage.setCookie(cookieName, '1', undefined, undefined, nextDomain);

// read test cookie to verify domain was valid
if (storage.getCookie(cookieName) === '1') {
// delete test cookie
storage.setCookie(cookieName, '', 'Thu, 01 Jan 1970 00:00:01 GMT', undefined, nextDomain);
// cookie was written successfully using test domain so the topDomain is updated
topDomain = nextDomain;
} else {
// cookie failed to write using test domain so exit by returning the topDomain
return topDomain;
}
}
}
};

Expand Down
18 changes: 12 additions & 6 deletions modules/userId/index.js
Original file line number Diff line number Diff line change
Expand Up @@ -159,17 +159,23 @@ export function setSubmoduleRegistry(submodules) {
}

/**
* @param {SubmoduleStorage} storage
* @param {SubmoduleContainer} submodule
* @param {(Object|string)} value
*/
function setStoredValue(storage, value) {
export function setStoredValue(submodule, value) {
/**
* @type {SubmoduleStorage}
*/
const storage = submodule.config.storage;
const domainOverride = (typeof submodule.submodule.domainOverride === 'function') ? submodule.submodule.domainOverride() : null;

try {
const valueStr = utils.isPlainObject(value) ? JSON.stringify(value) : value;
const expiresStr = (new Date(Date.now() + (storage.expires * (60 * 60 * 24 * 1000)))).toUTCString();
if (storage.type === COOKIE) {
coreStorage.setCookie(storage.name, valueStr, expiresStr, 'Lax');
coreStorage.setCookie(storage.name, valueStr, expiresStr, 'Lax', domainOverride);
if (typeof storage.refreshInSeconds === 'number') {
coreStorage.setCookie(`${storage.name}_last`, new Date().toUTCString(), expiresStr);
coreStorage.setCookie(`${storage.name}_last`, new Date().toUTCString(), expiresStr, 'Lax', domainOverride);
}
} else if (storage.type === LOCAL_STORAGE) {
coreStorage.setDataInLocalStorage(`${storage.name}_exp`, expiresStr);
Expand Down Expand Up @@ -246,7 +252,7 @@ function processSubmoduleCallbacks(submodules, cb) {
// if valid, id data should be saved to cookie/html storage
if (idObj) {
if (submodule.config.storage) {
setStoredValue(submodule.config.storage, idObj);
setStoredValue(submodule, idObj);
}
// cache decoded value (this is copied to every adUnit bid)
submodule.idObj = submodule.submodule.decode(idObj);
Expand Down Expand Up @@ -437,7 +443,7 @@ function initSubmodules(submodules, consentData) {
if (utils.isPlainObject(response)) {
if (response.id) {
// A getId/extendId result assumed to be valid user id data, which should be saved to users local storage or cookies
setStoredValue(submodule.config.storage, response.id);
setStoredValue(submodule, response.id);
storedId = response.id;
}

Expand Down
44 changes: 43 additions & 1 deletion test/spec/modules/userId_spec.js
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,8 @@ import {
requestBidsHook,
setSubmoduleRegistry,
syncDelay,
coreStorage
coreStorage,
setStoredValue
} from 'modules/userId/index.js';
import {createEidsArray} from 'modules/userId/eids.js';
import {config} from 'src/config.js';
Expand Down Expand Up @@ -1460,4 +1461,45 @@ describe('User ID', function() {
expect(server.requests[0].url).to.equal('https://match.adsrvr.org/track/rid?ttd_pid=rubicon&fmt=json');
});
});

describe('Set cookie behavior', function() {
let coreStorageSpy;
beforeEach(function() {
coreStorageSpy = sinon.spy(coreStorage, 'setCookie');
});
afterEach(function() {
coreStorageSpy.restore();
});
it('should allow submodules to override the domain', function () {
const submodule = {
submodule: {
domainOverride: function() {
return 'foo.com'
}
},
config: {
storage: {
type: 'cookie'
}
}
}
setStoredValue(submodule, 'bar');
expect(coreStorage.setCookie.getCall(0).args[4]).to.equal('foo.com');
});

it('should pass null for domain if submodule does not override the domain', function () {
const submodule = {
submodule: {

},
config: {
storage: {
type: 'cookie'
}
}
}
setStoredValue(submodule, 'bar');
expect(coreStorage.setCookie.getCall(0).args[4]).to.equal(null);
});
});
});