Support SafeFrame / x-domain on prebid creatives #885
Conversation
| }; | ||
|
|
||
| var listenAdFromPrebid = function () { | ||
| window.addEventListener("message", renderAd, false); |
| message: 'Prebid creative requested: %%PATTERN:hb_adid%%', | ||
| adId: '%%PATTERN:hb_adid%%' | ||
| }); | ||
| window.parent.postMessage(message, '*'); |
There was a problem hiding this comment.
No way to avoid * here I guess?
| @@ -289,6 +289,35 @@ function setRenderSize(doc, width, height) { | |||
| } | |||
| } | |||
|
|
|||
| function listenAdRequestFromCreative() { | |||
| addEventListener('message', sendAdToCreative, false); | |||
|
|
||
| var ad = adObject.ad; | ||
| var adUrl = adObject.adUrl; | ||
| var message = JSON.stringify({ |
There was a problem hiding this comment.
prefer a factory pattern for creating messages.
protonate
force-pushed
the
feature/x-domain-iframe
branch
from
4a3065a
to
d7f1f48
Compare
| var ad = adObject.ad; | ||
| var doc = window.document; | ||
|
|
||
| // if (doc === document || adObject.mediaType === 'video') { |
There was a problem hiding this comment.
Yep. This code is running in the x-domain iframe, so doc === document. Also utils module is not available so need to solve for a local console.log.
| function requestAdFromPrebid() { | ||
| var message = JSON.stringify({ | ||
| message: 'Prebid Request', | ||
| adId: window.prebidAdId |
There was a problem hiding this comment.
Where does prebidAdId come from?
There was a problem hiding this comment.
The DFP code snippet needs to set the adId for the creative.js, and while developing using an external creative.js file this simply sticks it on the x-domain iframe window object.
| message: 'Prebid Request', | ||
| adId: window.prebidAdId | ||
| }); | ||
| window.parent.postMessage(message, '*'); |
There was a problem hiding this comment.
Should we add a marco for hostname? This could be set as a keyword by Prebid and then communication would be limited between those domains.
There was a problem hiding this comment.
Yes, indeed, I'll make the change.
…ins for postMessage (no wildcards), resize cross domain iframes
|
@mkendall07 this is ready for further review. |
| // creative will be rendered, e.g. DFP delivering a SafeFrame | ||
|
|
||
| const publisherDomain = 'http://localhost:9999'; | ||
| const adServerDomain = 'http://tpc.googlesyndication.com'; |
There was a problem hiding this comment.
Let's add a note about making sure to match the protocol. I assume that this becomes HTTPS on secure pages?
| @@ -0,0 +1,53 @@ | |||
| // this script can be returned by an ad server delivering a cross domain iframe, into which the | |||
| // creative will be rendered, e.g. DFP delivering a SafeFrame | |||
There was a problem hiding this comment.
Can make a note about using a macro here instead of a hardcoded string. Many creatives will be delivered to multiple domains.
| @@ -288,6 +291,58 @@ function setRenderSize(doc, width, height) { | |||
| } | |||
| } | |||
|
|
|||
| function listenMessagesFromCreative() { | |||
There was a problem hiding this comment.
Let's move this function into a separate file
|
@mkendall07 review notes addressed. |
mkendall07
changed the title
Support SafeFrame / x-domain on prebid creatives
…ebid-official-0.18.0 to release/1.13.0 * commit 'e145489bc5dd6d292cf16e7fe80adfdf991562ac': (27 commits) Add changelog entry. Prebid 0.18.0 Release Add Criteo adapter (prebid#928) add an event that fires when requestBids is called (prebid#939) Xaxis adapter submitted by Daniel hoffmann (prebid#938) Add flash detection to TripleLift adapter (prebid#855) OpenX Adapter: Fixed bug regarding cross-domain iframe support (prebid#931) Emit event when setTargetingForGPTAsync is called (prebid#873) Maintenance/refactor hb deal (prebid#935) Reset hb_* keys only for registered aduniits (prebid#934) update code style - smartyads adapter Catch errors in bidsBackHandler. Also fix test cleanup in pbjs api spec. (prebid#905) Smartyads Adapter (prebid#895) Appnexus targeting function (prebid#920) There are 2 changes- (prebid#913) Adding support for all AST parameters (prebid#923) GumGum adapter - include the bid timeout as `tmax` (prebid#908) Add pixel size (prebid#892) enable postMessage listener for cross-domain iframe support (prebid#885) Add Sharethrough adapter (prebid#865) ...
…13.0 to master * commit '7d32ed18c8636d9241ef8b299b6abd885536db69': (27 commits) Add changelog entry. Prebid 0.18.0 Release Add Criteo adapter (prebid#928) add an event that fires when requestBids is called (prebid#939) Xaxis adapter submitted by Daniel hoffmann (prebid#938) Add flash detection to TripleLift adapter (prebid#855) OpenX Adapter: Fixed bug regarding cross-domain iframe support (prebid#931) Emit event when setTargetingForGPTAsync is called (prebid#873) Maintenance/refactor hb deal (prebid#935) Reset hb_* keys only for registered aduniits (prebid#934) update code style - smartyads adapter Catch errors in bidsBackHandler. Also fix test cleanup in pbjs api spec. (prebid#905) Smartyads Adapter (prebid#895) Appnexus targeting function (prebid#920) There are 2 changes- (prebid#913) Adding support for all AST parameters (prebid#923) GumGum adapter - include the bid timeout as `tmax` (prebid#908) Add pixel size (prebid#892) enable postMessage listener for cross-domain iframe support (prebid#885) Add Sharethrough adapter (prebid#865) ...
|
Would the doc also be updated regarding the safeframe option? Here it still says the safeframe box has to be unchecked. And the code snippet doesn't work for safeframe. |
Type of change
Description of change
A creative served in a cross domain iframe can request the ad from the auction winner via
postMessage.