added audit beacon to detect misuse of this bidder. Detects auctions… #1134
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -3,25 +3,18 @@ var bidmanager = require('../bidmanager.js'), | |
| CONSTANTS = require('../constants.json'); | ||
|
|
||
| import {ajax as ajax} from '../ajax'; | ||
|
|
||
| module.exports = function(bidManager, global, loader){ | ||
|
|
||
| var version = "0.9.0.0", | ||
| defaultZone = "1r", | ||
| defaultPath = "mvo", | ||
| debug = false, | ||
| requestCompleted = false, | ||
| placementCodes = {}, | ||
| loadStart, | ||
| configuredPlacements = [], | ||
| fat = /(^v|(\.0)+$)/gi; | ||
|
|
||
| if(typeof global === "undefined") | ||
| global = window; | ||
|
|
@@ -71,8 +64,7 @@ module.exports = function(bidManager, global, loader){ | |
| return false; | ||
| } | ||
|
|
||
| var bidderCode = "rhythmone"; | ||
|
|
||
| function attempt(valueFunction, defaultValue){ | ||
| try{ | ||
|
|
@@ -86,34 +78,6 @@ module.exports = function(bidManager, global, loader){ | |
| console.log(txt); | ||
| } | ||
|
|
||
| function getBidParameters(bids){ | ||
| for(var i=0;i<bids.length;i++) | ||
| if(typeof bids[i].params === "object" && bids[i].params.placementId) | ||
|
|
@@ -127,7 +91,6 @@ module.exports = function(bidManager, global, loader){ | |
| logToConsole("registering nobid for slot "+params.bids[i].placementCode); | ||
| var bid = bidfactory.createBid(CONSTANTS.STATUS.NO_BID); | ||
| bid.bidderCode = bidderCode; | ||
| bidmanager.addBidResponse(params.bids[i].placementCode, bid); | ||
| } | ||
| } | ||
|
|
@@ -169,12 +132,12 @@ module.exports = function(bidManager, global, loader){ | |
| var d = global.document.location.ancestorOrigins; | ||
| if(d && d.length > 0) | ||
| return d[d.length-1]; | ||
| return global.top.document.location.hostname; // try/catch is in the attempt function | ||
| },"")); | ||
| p("title", attempt(function(){return global.top.document.title;},"")); // try/catch is in the attempt function | ||
| p("url", attempt(function(){ | ||
| var l; | ||
| try{l = global.top.document.location.href.toString();} // try/catch is in the attempt function | ||
| catch(ex){l = global.document.location.href.toString();} | ||
| return l; | ||
| },"")); | ||
|
|
@@ -184,19 +147,18 @@ module.exports = function(bidManager, global, loader){ | |
| p("dtype", ((/(ios|ipod|ipad|iphone|android)/i).test(global.navigator.userAgent) ? 1 : ((/(smart[-]?tv|hbbtv|appletv|googletv|hdmi|netcast\.tv|viera|nettv|roku|\bdtv\b|sonydtv|inettvbrowser|\btv\b)/i).test(global.navigator.userAgent) ? 3 : 2))); | ||
| p("flash", (flashInstalled() ? 1 : 0)); | ||
|
|
||
| var heights = [], | ||
| widths = [], | ||
| floors = [], | ||
| mediaTypes = [], | ||
| i=0; | ||
|
|
||
| configuredPlacements = []; | ||
|
|
||
| p("hbv", global.$$PREBID_GLOBAL$$.version.replace(fat,"")+","+version.replace(fat,"")); | ||
| for(; i<bids.length; i++){ | ||
|
|
||
| var th = [], tw = []; | ||
|
|
||
| if(bids[i].sizes.length > 0 && typeof bids[i].sizes[0] === "number") | ||
|
|
@@ -206,14 +168,14 @@ module.exports = function(bidManager, global, loader){ | |
| tw.push(bids[i].sizes[j][0]); | ||
| th.push(bids[i].sizes[j][1]); | ||
| } | ||
| configuredPlacements.push(bids[i].placementCode); | ||
| heights.push(th.join("|")); | ||
| widths.push(tw.join("|")); | ||
| mediaTypes.push(((/video/i).test(bids[i].mediaType) ? "v" : "d")); | ||
| floors.push(0); | ||
| } | ||
|
|
||
| p("imp", configuredPlacements); | ||
| p("w", widths); | ||
| p("h", heights); | ||
| p("floor", floors); | ||
|
|
@@ -224,53 +186,76 @@ module.exports = function(bidManager, global, loader){ | |
| return endpoint; | ||
| } | ||
|
|
||
| function sendAuditBeacon(placementId){ | ||
| var data = { | ||
| doc_version : 1, | ||
| doc_type : "Prebid Audit", | ||
| placement_id: placementId | ||
| }, | ||
| ao = document.location.ancestorOrigins, | ||
| q = [], | ||
| u = "//hbevents.1rx.io/audit?", | ||
| i = new Image(); | ||
|
|
||
| if(ao && ao.length > 0){ | ||
| data.ancestor_origins = ao[ao.length-1]; | ||
| } | ||
|
|
||
| data.popped = window.opener!==null?1:0; | ||
| data.framed = window.top===window?0:1; | ||
|
There was a problem hiding this comment. Please place this There was a problem hiding this comment. With all due respect, this is unnecessary. A security exception is only thrown when accessing the properties of top. The window object itself can be compared safely. There was a problem hiding this comment. @jstocker76 run this: https://jsfiddle.net/04o2funn/ There was a problem hiding this comment. odd, I get no exception when I run that code in a sample file with a cross domain iframe. Furthermore, I don't get that exception when running the same code by targeting chrome's console to that iframe. What sorcery is this? There was a problem hiding this comment. I see. It's the alert causing the exception. If you just run "window.top" no exception. There was a problem hiding this comment. yeah that makes sense. This is good. Prebid core should probably just utility this function because tons of bidders do this check. There was a problem hiding this comment. https://jsfiddle.net/10j1yw82/ alert must automatically run .toString() on window.top, which would trigger the exception There was a problem hiding this comment. Reeling in the proliferation of duplicate functionality must be a full time job. The list of bidders is getting quite long |
||
|
|
||
| try{ | ||
| data.url = window.top.document.location.href.toString(); | ||
| }catch(ex){ | ||
| data.url = window.document.location.href.toString(); | ||
| } | ||
|
|
||
| var prebid_instance = global.$$PREBID_GLOBAL$$; | ||
|
|
||
| data.prebid_version = prebid_instance.version.replace(fat,""); | ||
| data.response_ms = (new Date()).getTime() - loadStart; | ||
| data.placement_codes = configuredPlacements.join(","); | ||
| data.bidder_version = version; | ||
| data.prebid_timeout = prebid_instance.cbTimeout || prebid_instance.bidderTimeout; | ||
|
|
||
| for(var k in data){ | ||
| q.push(encodeURIComponent(k)+"="+encodeURIComponent((typeof data[k] === "object" ? JSON.stringify(data[k]) : data[k]))); | ||
| } | ||
|
|
||
| q.sort(); | ||
| i.src = u+q.join("&"); | ||
| } | ||
|
|
||
| this.callBids = function(params){ | ||
|
|
||
| var slotMap = {}, | ||
| bidParams = getBidParameters(params.bids); | ||
|
|
||
| debug = (bidParams !== null && bidParams.debug === true); | ||
|
|
||
| if(bidParams === null){ | ||
| noBids(params); | ||
| return; | ||
| } | ||
|
|
||
| for(var i = 0; i<params.bids.length; i++) | ||
| slotMap[params.bids[i].placementCode] = params.bids[i]; | ||
|
|
||
| loadStart = (new Date()).getTime(); | ||
| load(bidParams, getRMPURL(bidParams, params.bids), function(code, msg, txt){ | ||
|
|
||
| // send quality control beacon here | ||
| sendAuditBeacon(bidParams.placementId); | ||
|
|
||
| requestCompleted = true; | ||
|
|
||
| logToConsole("response text: "+txt); | ||
|
|
||
| if(code !== -1){ | ||
| try{ | ||
| var result = JSON.parse(txt), | ||
| registerBid = function(bid){ | ||
|
|
||
| slotMap[bid.impid].success = 1; | ||
|
|
||
| var pbResponse = bidfactory.createBid(CONSTANTS.STATUS.GOOD), | ||
|
|
@@ -293,27 +278,19 @@ module.exports = function(bidManager, global, loader){ | |
|
|
||
| logToConsole("registering bid "+placementCode+" "+JSON.stringify(pbResponse)); | ||
|
|
||
| bidManager.addBidResponse(placementCode, pbResponse); | ||
| }; | ||
|
|
||
| for(i=0; result.seatbid && i<result.seatbid.length; i++) | ||
| for(var j=0; result.seatbid[i].bid && j<result.seatbid[i].bid.length; j++){ | ||
| registerBid(result.seatbid[i].bid[j]); | ||
| } | ||
| } | ||
| catch(ex){} | ||
| } | ||
|
|
||
| // if no bids are successful, inform prebid | ||
| noBids(params); | ||
| }); | ||
|
|
||
| logToConsole("version: "+version); | ||
|
|
||
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is browser support for
ancestorOriginsa concern here?There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It's not a concern, it is only available in webkit browsers TMK so it will only be used if there.