-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fire pixel without measure #3
Conversation
// Consent signals are currently checked on the server side. | ||
let fpa = storage.getCookie(QUANTCAST_FPA); | ||
|
||
const coppa = coppaDataHandler.getCoppa(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
is coppaDataHandler always available?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, coppaDataHandler is a Prebid utility function. It checks for Coppa configuration parameter that the publisher is expected to pass. When not present, it returns undefined.
modules/quantcastIdSystem.js
Outdated
fpa = ''; | ||
storage.setCookie(QUANTCAST_FPA, fpa, expired, '/', domain, null); | ||
} else if (!fpa) { | ||
var expires = new Date(now.getTime() + (cookieExpTime * 86400000)).toGMTString(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
somewhere we need to be checking we have a valid clientId before we set fpa or call quantserve
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
(please add tests to cover this)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
So this isn't your fault and this is in suit with the current status-quo in Prebid.js, but this is a little maddening.
> git grep '* 24'
modules/apstreamBidAdapter.js: var daysSinceApEpoch = Math.floor(timeDiff / (1000 * 3600 * 24));
modules/categoryTranslation.js: if (!mappingData || timestamp() > mappingData.lastUpdated + refreshInDays * 24 * 60 * 60 * 1000) {
modules/criteoIdSystem.js:const cookiesMaxAge = 13 * 30 * 24 * 60 * 60 * 1000;
modules/id5IdSystem.js: return (new Date(Date.now() + (1000 * 60 * 60 * 24 * expDays))).toUTCString();
modules/lotamePanoramaIdSystem.js:const DAY_MS = 60 * 60 * 24 * 1000;
modules/parrableIdSystem.js:const ONE_YEAR_MS = 364 * 24 * 60 * 60 * 1000;
modules/pubCommonIdSystem.js: const expiresStr = (new Date(Date.now() + (storage.expires * (60 * 60 * 24 * 1000)))).toUTCString();
modules/userId/index.js: const expiresStr = (new Date(Date.now() + (storage.expires * (60 * 60 * 24 * 1000)))).toUTCString();
modules/userId/index.js: const expiresStr = (new Date(Date.now() + (CONSENT_DATA_COOKIE_STORAGE_CONFIG.expires * (60 * 60 * 24 * 1000)))).toUTCString();
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@ssmccoy - Yeah, this could have been one common const somewhere.
Btw, Any objections to also change 86400000 to 60 * 60 * 24 * 1000? I think it is at least a little clearer.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Few questions.
modules/quantcastIdSystem.js
Outdated
fpa = ''; | ||
storage.setCookie(QUANTCAST_FPA, fpa, expired, '/', domain, null); | ||
} else if (!fpa) { | ||
var expires = new Date(now.getTime() + (cookieExpTime * 86400000)).toGMTString(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
So this isn't your fault and this is in suit with the current status-quo in Prebid.js, but this is a little maddening.
> git grep '* 24'
modules/apstreamBidAdapter.js: var daysSinceApEpoch = Math.floor(timeDiff / (1000 * 3600 * 24));
modules/categoryTranslation.js: if (!mappingData || timestamp() > mappingData.lastUpdated + refreshInDays * 24 * 60 * 60 * 1000) {
modules/criteoIdSystem.js:const cookiesMaxAge = 13 * 30 * 24 * 60 * 60 * 1000;
modules/id5IdSystem.js: return (new Date(Date.now() + (1000 * 60 * 60 * 24 * expDays))).toUTCString();
modules/lotamePanoramaIdSystem.js:const DAY_MS = 60 * 60 * 24 * 1000;
modules/parrableIdSystem.js:const ONE_YEAR_MS = 364 * 24 * 60 * 60 * 1000;
modules/pubCommonIdSystem.js: const expiresStr = (new Date(Date.now() + (storage.expires * (60 * 60 * 24 * 1000)))).toUTCString();
modules/userId/index.js: const expiresStr = (new Date(Date.now() + (storage.expires * (60 * 60 * 24 * 1000)))).toUTCString();
modules/userId/index.js: const expiresStr = (new Date(Date.now() + (CONSENT_DATA_COOKIE_STORAGE_CONFIG.expires * (60 * 60 * 24 * 1000)))).toUTCString();
modules/quantcastIdSystem.js
Outdated
|
||
const QUANTCAST_FPA = '__qca'; | ||
const DEFAULT_COOKIE_EXP_TIME = 392; // (13 months - 2 days) | ||
const PREBID_PCODE = 'p-KceJUEvXN48CE'; // Not associated with a real account | ||
const DOMAIN_QSERVE = 'https://pixel.quantserve.com/pixel'; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
QSERVE_URL
? This isn't really a domain.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Question: Do we want to use a protocol relative URL instead? I mean maybe not these days, but it is common practice.
Note: If we did, it would be QSERVE_URL = "//pixel.quantserve.com/pixel";
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hmm, the advantage of this is that the URL would have the same protocol as the site it is on (versus always being https), right? I think that makes sense.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
i think we need to use secure these days for certain cookie based stuff to work in Chrome? (might be mistaken about that). I guess that's less of a concern here, although i suppose these requests will set 3rd party cookies where they can.
My vote would just be to keep this secure i think. Does that ever cause issues if done on a non-secure site?
We should use QSERVE_URL
as Scott suggests though.
modules/quantcastIdSystem.js
Outdated
usPrivacyParamString = `&us_privacy=${US_PRIVACY_STRING}`; | ||
} | ||
|
||
let url = DOMAIN_QSERVE + |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I just had removed 'et' and 'tzo' in the previous commit - b31c0f9
Only cause the general consensus currently is that we want to keep the number of parameters we send through prebid minimum in our first iteration unless we have strong justification for needing it
modules/quantcastIdSystem.js
Outdated
usPrivacyParamString = `&us_privacy=${US_PRIVACY_STRING}`; | ||
} | ||
|
||
let url = DOMAIN_QSERVE + |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I just had removed 'et' and 'tzo' in the previous commit - b31c0f9
Only cause the general consensus currently is that we want to keep the number of parameters we send through prebid minimum in our first iteration unless we have strong justification for needing it
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lgtm
lgtm on the issues i'd raised - please get to resolution on the outstanding comments from Scott |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Some final comments.
modules/quantcastIdSystem.js
Outdated
var gdprParamStrings; | ||
|
||
if (!fpa) { | ||
var expires = new Date(now.getTime() + (cookieExpDays * 86400000)).toGMTString(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Seems weird to call now.getTime()
twice in a row like this. Also weird to use string interpolation below and not here.
Why not do this instead?
const DAY_MS = 86400000;
/* ... *snip* ... */
var et = now.getTime();
var expires = new Date(et + (cookieExpDays * DAY_MS)).toGMTString();
var rand = Math.round(Math.random() * 2147483647);
fpa = "B0-${rand}-${et}";
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Otherwise 👍
let's use a more meaningful title for the PR when you make it on prebid proper |
Type of change
Description of change
For internal team : https://docs.google.com/document/d/17gw3hnOSTZgHKqNXXWZJSdO6QG3bOyjKpgXxzstH3Pc/edit#
Be sure to test the integration with your adserver using the Hello World sample page.
For any changes that affect user-facing APIs or example code documented on http://prebid.org, please provide:
Other information