Skip to content

Commit

Permalink
Kobler adapter: Fix to avoid bidding with third-party creatives requi…
Browse files Browse the repository at this point in the history
…ring consent or legitimate interest. (prebid#11559)

* Kobler adapter: Fix to avoid bidding with third-party creatives requiring consent or legitimate interest.

* Fixed tests.
  • Loading branch information
acsbendi authored May 24, 2024
1 parent abf0fd0 commit 29a5b40
Show file tree
Hide file tree
Showing 2 changed files with 63 additions and 42 deletions.
38 changes: 27 additions & 11 deletions modules/koblerBidAdapter.js
Original file line number Diff line number Diff line change
Expand Up @@ -90,8 +90,6 @@ export const onTimeout = function (timeoutDataArray) {
timeoutDataArray.forEach(timeoutData => {
const query = parseQueryStringParameters({
ad_unit_code: timeoutData.adUnitCode,
// TODO: fix auctionId leak: https://github.com/prebid/Prebid.js/issues/9781
auction_id: timeoutData.auctionId,
bid_id: timeoutData.bidId,
timeout: timeoutData.timeout,
page_url: pageUrl,
Expand All @@ -103,13 +101,6 @@ export const onTimeout = function (timeoutDataArray) {
};

function getPageUrlFromRequest(validBidRequest, bidderRequest) {
// pageUrl is considered only when testing to ensure that non-test requests always contain the correct URL
if (isTest(validBidRequest) && config.getConfig('pageUrl')) {
// TODO: it's not clear what the intent is here - but all adapters should always respect pageUrl.
// With prebid 7, using `refererInfo.page` will do that automatically.
return config.getConfig('pageUrl');
}

return (bidderRequest.refererInfo && bidderRequest.refererInfo.page)
? bidderRequest.refererInfo.page
: window.location.href;
Expand All @@ -125,7 +116,26 @@ function getPageUrlFromRefererInfo() {
function buildOpenRtbBidRequestPayload(validBidRequests, bidderRequest) {
const imps = validBidRequests.map(buildOpenRtbImpObject);
const timeout = bidderRequest.timeout;
const pageUrl = getPageUrlFromRequest(validBidRequests[0], bidderRequest)
const pageUrl = getPageUrlFromRequest(validBidRequests[0], bidderRequest);
// Kobler, a contextual advertising provider, does not process any personal data itself, so it is not part of TCF/GVL.
// However, it supports using select third-party creatives in its platform, some of which require certain permissions
// in order to be shown. Kobler's bidder checks if necessary permissions are present to avoid bidding
// with ineligible creatives.
let purpose2Given;
let purpose3Given;
if (bidderRequest.gdprConsent && bidderRequest.gdprConsent.vendorData) {
const vendorData = bidderRequest.gdprConsent.vendorData
const purposeData = vendorData.purpose;
const restrictions = vendorData.publisher ? vendorData.publisher.restrictions : null;
const restrictionForPurpose2 = restrictions ? (restrictions[2] ? Object.values(restrictions[2])[0] : null) : null;
purpose2Given = restrictionForPurpose2 === 1 ? (
purposeData && purposeData.consents && purposeData.consents[2]
) : (
restrictionForPurpose2 === 0
? false : (purposeData && purposeData.legitimateInterests && purposeData.legitimateInterests[2])
);
purpose3Given = purposeData && purposeData.consents && purposeData.consents[3];
}
const request = {
id: bidderRequest.bidderRequestId,
at: 1,
Expand All @@ -138,7 +148,13 @@ function buildOpenRtbBidRequestPayload(validBidRequests, bidderRequest) {
site: {
page: pageUrl,
},
test: getTestAsNumber(validBidRequests[0])
test: getTestAsNumber(validBidRequests[0]),
ext: {
kobler: {
tcf_purpose_2_given: purpose2Given,
tcf_purpose_3_given: purpose3Given
}
}
};

return JSON.stringify(request);
Expand Down
67 changes: 36 additions & 31 deletions test/spec/modules/koblerBidAdapter_spec.js
Original file line number Diff line number Diff line change
Expand Up @@ -5,14 +5,37 @@ import {config} from 'src/config.js';
import * as utils from 'src/utils.js';
import {getRefererInfo} from 'src/refererDetection.js';

function createBidderRequest(auctionId, timeout, pageUrl) {
function createBidderRequest(auctionId, timeout, pageUrl, addGdprConsent) {
const gdprConsent = addGdprConsent ? {
consentString: 'BOtmiBKOtmiBKABABAENAFAAAAACeAAA',
apiVersion: 2,
vendorData: {
purpose: {
consents: {
1: false,
2: true,
3: false
}
},
publisher: {
restrictions: {
'2': {
// require consent
'11': 1
}
}
}
},
gdprApplies: true
} : {};
return {
bidderRequestId: 'mock-uuid',
auctionId: auctionId || 'c1243d83-0bed-4fdb-8c76-42b456be17d0',
timeout: timeout || 2000,
refererInfo: {
page: pageUrl || 'example.com'
}
},
gdprConsent: gdprConsent
};
}

Expand Down Expand Up @@ -289,27 +312,6 @@ describe('KoblerAdapter', function () {
expect(openRtbRequest.test).to.be.equal(1);
});

it('should read pageUrl from config when testing', function () {
config.setConfig({
pageUrl: 'https://testing-url.com'
});
const validBidRequests = [
createValidBidRequest(
{
test: true
}
)
];
const bidderRequest = createBidderRequest();

const result = spec.buildRequests(validBidRequests, bidderRequest);
expect(result.url).to.be.equal('https://bid-service.dev.essrtb.com/bid/prebid_rtb_call');

const openRtbRequest = JSON.parse(result.data);
expect(openRtbRequest.site.page).to.be.equal('https://testing-url.com');
expect(openRtbRequest.test).to.be.equal(1);
});

it('should not read pageUrl from config when not testing', function () {
config.setConfig({
pageUrl: 'https://testing-url.com'
Expand Down Expand Up @@ -439,7 +441,8 @@ describe('KoblerAdapter', function () {
const bidderRequest = createBidderRequest(
'9ff580cf-e10e-4b66-add7-40ac0c804e21',
4500,
'bid.kobler.no'
'bid.kobler.no',
true
);

const result = spec.buildRequests(validBidRequests, bidderRequest);
Expand Down Expand Up @@ -529,7 +532,13 @@ describe('KoblerAdapter', function () {
site: {
page: 'bid.kobler.no'
},
test: 0
test: 0,
ext: {
kobler: {
tcf_purpose_2_given: true,
tcf_purpose_3_given: false
}
}
};

expect(openRtbRequest).to.deep.equal(expectedOpenRtbRequest);
Expand Down Expand Up @@ -702,14 +711,12 @@ describe('KoblerAdapter', function () {
spec.onTimeout([
{
adUnitCode: 'adunit-code',
auctionId: 'a1fba829-dd41-409f-acfb-b7b0ac5f30c6',
bidId: 'ef236c6c-e934-406b-a877-d7be8e8a839a',
timeout: 100,
params: [],
},
{
adUnitCode: 'adunit-code-2',
auctionId: 'a1fba829-dd41-409f-acfb-b7b0ac5f30c6',
bidId: 'ca4121c8-9a4a-46ba-a624-e9b64af206f2',
timeout: 100,
params: [],
Expand All @@ -719,13 +726,11 @@ describe('KoblerAdapter', function () {
expect(utils.triggerPixel.callCount).to.be.equal(2);
expect(utils.triggerPixel.getCall(0).args[0]).to.be.equal(
'https://bid.essrtb.com/notify/prebid_timeout?ad_unit_code=adunit-code&' +
'auction_id=a1fba829-dd41-409f-acfb-b7b0ac5f30c6&bid_id=ef236c6c-e934-406b-a877-d7be8e8a839a&timeout=100&' +
'page_url=' + encodeURIComponent(getRefererInfo().page)
'bid_id=ef236c6c-e934-406b-a877-d7be8e8a839a&timeout=100&page_url=' + encodeURIComponent(getRefererInfo().page)
);
expect(utils.triggerPixel.getCall(1).args[0]).to.be.equal(
'https://bid.essrtb.com/notify/prebid_timeout?ad_unit_code=adunit-code-2&' +
'auction_id=a1fba829-dd41-409f-acfb-b7b0ac5f30c6&bid_id=ca4121c8-9a4a-46ba-a624-e9b64af206f2&timeout=100&' +
'page_url=' + encodeURIComponent(getRefererInfo().page)
'bid_id=ca4121c8-9a4a-46ba-a624-e9b64af206f2&timeout=100&page_url=' + encodeURIComponent(getRefererInfo().page)
);
});
});
Expand Down

0 comments on commit 29a5b40

Please sign in to comment.