Prevent 'about:' protocol in _publisherTagUrl #1170
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…ome req from injected iframe
|
@tr-coull Please resolve the conflict. |
|
Commit 1b4f21c resolves the issue. |
|
@tr-coull |
|
@mkendall07 resolved and all tests pass now. We got there eventually ;) |
vzhukovsky
added a commit
to aol/Prebid.js
that referenced
this pull request
Sep 6, 2017
….24.0 to aolgithub-master * commit '7a81386579a3c129617323ef32e1c8be0897c3c7': (31 commits) Added changelog entry. Added records in aolPartnersIds.json. Prebid 0.25.0 Release Added Unruly adapter (prebid#1264) Fixing Adyoulike adapter for Safari iOS7 (prebid#1296) hide overflow to prevent scrolling (prebid#1294) fix protocol detection in iframe (prebid#1293) Add eplanning adapter (prebid#1245) Use Renderer command queue to render outstream (prebid#1283) Generate no-bid response for ech bid request not matched by a bid (prebid#1216) New Cox adapter (prebid#1228) Carambola Adapter (prebid#1221) Pass through transactionId and set fd=1 (prebid#1259) Integration test page for adapters (prebid#1182) Getting DigiTrustID in GumGum adapter (prebid#1256) Trion adapter (prebid#1254) use request bidder code as default bidderCode for createBid (prebid#1235) Add drop pixels once feature to AOL Adapter (prebid#1224) Rubicon Adapter - Adding 320x150 (prebid#1279) Prevent 'about:' protocol in _publisherTagUrl (prebid#1170) ...
jbAdyoulike
pushed a commit
to jbAdyoulike/Prebid.js
that referenced
this pull request
Sep 21, 2017
* handle pubmatic targeting key value pairs if in DFP GPT format * hardcoded pubmatic request to https as protocol-less url prevents chrome req from injected iframe * add newline for consistency * specifically check for http prot, fall back to https in crit adapter * added spaces to pass eslint prebid#1170 * removed blank line refs PR prebid#1170
dluxemburg
pushed a commit
to Genius/Prebid.js
that referenced
this pull request
Jul 17, 2018
* handle pubmatic targeting key value pairs if in DFP GPT format * hardcoded pubmatic request to https as protocol-less url prevents chrome req from injected iframe * add newline for consistency * specifically check for http prot, fall back to https in crit adapter * added spaces to pass eslint prebid#1170 * removed blank line refs PR prebid#1170
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Type of change
Description of change
Criteo adapter would pick up 'about:' as window.location.protocol when in an iframe with 'about:blank'. This code specifically checks for 'http:' and uses that, or 'https:' if not found. A tighter solution would be to (try to) recursively check every window.location.protocol up to top and use 'https:' if found on the way - this commit is a less thorough but safer and smaller solution. I have not written tests as it is a small change.