Skip to content

Commit 8c8f2b2

Browse files
author
Maks Orlovich
committed
Start on seller stuff, lots of the pieces, but not all.
1 parent cdc8621 commit 8c8f2b2

File tree

1 file changed

+66
-23
lines changed

1 file changed

+66
-23
lines changed

spec.bs

Lines changed: 66 additions & 23 deletions
Original file line numberDiff line numberDiff line change
@@ -58,7 +58,8 @@ spec: RFC8941; urlPrefix: https://httpwg.org/specs/rfc8941.html
5858
for: structured header
5959
text: boolean; url: boolean
6060
text: integer; url: integer
61-
text: boolean; url: boolean
61+
text: list; url: list
62+
text:string; url: string
6263
spec: WebAssembly; urlPrefix: https://webassembly.github.io/spec/core/
6364
type: dfn
6465
urlPrefix: appendix/embedding.html
@@ -1061,9 +1062,9 @@ To <dfn>validate and convert auction ad config</dfn> given an {{AuctionAdConfig}
10611062
1. If |config|["{{AuctionAdConfig/trustedScoringSignalsURL}}"] [=map/exists=]:
10621063
1. Let |trustedScoringSignalsURL| be the result of running the [=URL parser=] on
10631064
|config|["{{AuctionAdConfig/trustedScoringSignalsURL}}"].
1064-
1. If |trustedScoringSignalsURL| is failure, or it is not [=same origin=] with |auctionConfig|'s
1065-
[=auction config/seller=], then return failure.
1066-
1. [=Assert=]: |trustedScoringSignalsURL|'s [=url/scheme=] is "`https`".
1065+
1. If |trustedScoringSignalsURL| is failure, or |trustedScoringSignalURL|'s
1066+
[=url/scheme=] is not "`https`", then return failure.
1067+
1. XXX, this is missing a bunch of checks!
10671068
1. Set |auctionConfig|'s [=auction config/trusted scoring signals url=] to
10681069
|trustedScoringSignalsURL|.
10691070
1. If |config|["{{AuctionAdConfig/maxTrustedScoringSignalsURLLength}}"] [=map/exists=]:
@@ -1889,20 +1890,26 @@ or "component-auction", a [=currency tag=] |componentAuctionExpectedCurrency|, a
18891890
[=generated bid/ad component descriptors=]:
18901891
1. [=list/Append=] [=URL serializer|serialized=] |adComponentDescriptor|'s [=ad descriptor/url=]
18911892
to |adComponentRenderURLs|.
1892-
1. Let |fullSignalsUrl| be the result of [=building trusted scoring signals url=] with |auctionConfig|'s
1893-
[=auction config/trusted scoring signals url=], «|renderURL|», |adComponentRenderURLs|,
1894-
|auctionConfig|'s [=auction config/seller experiment group id=], and |topLevelOrigin|.
1895-
1896-
Implementations may batch requests by collecting render URLs and ad component render URLs
1897-
from multiple invocations of [=score and rank a bid=] and passing them all to a single invocation
1898-
of [=building trusted scoring signals url=] to get a |scoringSignalsUrl|. By employing this approach,
1899-
the [=string/length=] of [=URL serializer|serialized=] |scoringSignalsUrl| must not exceed the
1900-
1901-
[=auction config/max trusted scoring signals url length=] of the auction. In cases where the length
1902-
limit is exceeded, the request must be divided into smaller pieces to comply with the length restriction.
1903-
However, note that a single request is always considered valid, regardless of whether its length exceeds
1904-
the auction's [=auction config/max trusted scoring signals url length=].
1905-
1893+
1. Let |crossOriginTrustedScoringSignalsOrigin| be null.
1894+
1. Let |fullSignalsUrl| be null.
1895+
1. If |auctionConfig|'s [=auction config/trusted scoring signals url=] is not null:
1896+
1. Let |fullSignalsUrl| be the result of [=building trusted scoring signals url=] with |auctionConfig|'s
1897+
[=auction config/trusted scoring signals url=], «|renderURL|», |adComponentRenderURLs|,
1898+
|auctionConfig|'s [=auction config/seller experiment group id=], and |topLevelOrigin|.
1899+
1900+
Implementations may batch requests by collecting render URLs and ad component render URLs
1901+
from multiple invocations of [=score and rank a bid=] and passing them all to a single invocation
1902+
of [=building trusted scoring signals url=] to get a |scoringSignalsUrl|. By employing this approach,
1903+
the [=string/length=] of [=URL serializer|serialized=] |scoringSignalsUrl| must not exceed the
1904+
[=auction config/max trusted scoring signals url length=] of the auction. In cases where the length
1905+
limit is exceeded, the request must be divided into smaller pieces to comply with the length restriction.
1906+
However, note that a single request is always considered valid, regardless of whether its length exceeds
1907+
the auction's [=auction config/max trusted scoring signals url length=].
1908+
1909+
The network response has to be parsed to pull out the pieces relevant to each
1910+
[=evaluating a scoring script|evaluation of a scoring script=].
1911+
1912+
<<<<<<< Updated upstream
19061913

19071914
The network response has to be parsed to pull out the pieces relevant to each
19081915
[=evaluating a scoring script|evaluation of a scoring script=].
@@ -1923,6 +1930,38 @@ or "component-auction", a [=currency tag=] |componentAuctionExpectedCurrency|, a
19231930
[=map/exists=], then [=map/set=] |adComponentRenderURLsValue|[|adComponentRenderURL|] to
19241931
|allTrustedScoringSignals|["`adComponentRenderURLs`"][|adComponentRenderURL|].
19251932
1. [=map/Set=] |trustedScoringSignals|["`adComponentRenderURLs`"] to |adComponentRenderURLsValue|.
1933+
=======
1934+
These requests may also begin before the script fetch, but requests cross-origin to the
1935+
script origin must not happen until [:Ad-Auction-Allow-Trusted-Scoring-Signals-From:] header on
1936+
the script is received, parsed, and determined to authorize such a fetch.
1937+
1. If |fullSignalsUrl| is not same [=same origin=] with |auctionConfig|'s [=auction config/seller=],
1938+
then:
1939+
1. Set |crossOriginTrustedScoringSignalsOrigin| to |fullSignalsUrl|'s [=url/origin=].
1940+
1. If |allowedCrossOriginTrustedScoringSignals| does not [=list/contain=] |crossOriginTrustedScoringSignalsOrigin|:
1941+
1. Set |crossOriginTrustedScoringSignalsOrigin| to null.
1942+
1. Set |fullSignalsUrl| to null.
1943+
1. Let |sameOriginTrustedScoringSignals| be null.
1944+
1. Let |crossOriginTrustedScoringSignals| be null.
1945+
1. If |fullSignalsUrl| is not null:
1946+
1. Let |trustedScoringSignals| be null.
1947+
1. Let «|allTrustedScoringSignals|, ignored, |scoringDataVersion|» be the result of [=fetching
1948+
trusted signals=] with |fullSignalsUrl|, |auctionConfig|'s [=auction config/seller=], and false.
1949+
1. If |allTrustedScoringSignals| is an [=ordered map=]:
1950+
1. Set |trustedScoringSignals| to a new empty [=map=].
1951+
1. [=map/Set=] |trustedScoringSignals|["`renderURL`"] to a new empty [=map=].
1952+
1. If |allTrustedScoringSignals|["`renderURLs`"] [=map/exists=] and
1953+
|allTrustedScoringSignals|["`renderURLs`"][|renderURL|] [=map/exists=], then [=map/set=] |trustedScoringSignals|["`renderURL`"][|renderURL|] to
1954+
|allTrustedScoringSignals|["`renderURLs`"][|renderURL|].
1955+
1. If |adComponentRenderURLs| is not [=list/empty=]:
1956+
1. Let |adComponentRenderURLsValue| be a new empty [=map=].
1957+
1. If |allTrustedScoringSignals|["`adComponentRenderURLs`"] [=map/exists=], [=set/for each=]
1958+
|adComponentRenderURL| in |adComponentRenderURLs|:
1959+
1. If |allTrustedScoringSignals|["`adComponentRenderURLs`"][|adComponentRenderURL|]
1960+
[=map/exists=], then [=map/set=] |adComponentRenderURLsValue|[|adComponentRenderURL|] to
1961+
|allTrustedScoringSignals|["`adComponentRenderURLs`"][|adComponentRenderURL|].
1962+
1. [=map/Set=] |trustedScoringSignals|["`adComponentRenderURLs`"] to |adComponentRenderURLsValue|.
1963+
1. XXX --- cross or main. Do not wrap null. Actually, is that OK in the other case?
1964+
>>>>>>> Stashed changes
19261965
1. Let |adMetadata| be |generatedBid|'s [=generated bid/ad=].
19271966
1. Let |bidValue| be |generatedBid|'s [=generated bid/bid=].
19281967
1. If |generatedBid|'s [=generated bid/modified bid=] is not null, then set |bidValue| to
@@ -1944,7 +1983,11 @@ or "component-auction", a [=currency tag=] |componentAuctionExpectedCurrency|, a
19441983
<dd>The result of [=serializing a currency tag=] with |generatedBid|'s [=generated bid/bid=]'s
19451984
[=bid with currency/currency=]
19461985
<dt>{{ScoringBrowserSignals/dataVersion}}
1947-
<dd>|scoringDataVersion| if it is not null, {{undefined}} otherwise
1986+
<dd>|scoringDataVersion| if it is not null and |crossOriginTrustedScoringSignalsOrigin| is null,
1987+
unset otherwise.
1988+
<dt>{{ScoringBrowserSignals/crossOriginDataVersion}}
1989+
<dd>|scoringDataVersion| if it is not null and |crossOriginTrustedScoringSignalsOrigin| is not
1990+
null, unset otherwise.
19481991
<dt>{{ScoringBrowserSignals/adComponents}}
19491992
<dd>|generatedBid|'s [=generated bid/ad component descriptors=] [=converted to a string sequence=]
19501993
<dt>{{ScoringBrowserSignals/forDebuggingOnlyInCooldownOrLockout}}
@@ -2123,6 +2166,9 @@ To <dfn>validate fetching response</dfn> given a [=response=] |response|, null,
21232166
1. Return true.
21242167
</div>
21252168

2169+
The <dfn http-header><code>Ad-Auction-Allow-Trusted-Scoring-Signals-From</code></dfn> HTTP response header is a
2170+
[=structured header=] whose value must be a [=structured header/list=] of [=structured header/strings=].
2171+
21262172
<div algorithm>
21272173
To <dfn>fetch script</dfn> given a [=URL=] |url|:
21282174
1. Let |request| be a new [=request=] with the following properties:
@@ -4891,6 +4937,7 @@ dictionary ScoringBrowserSignals {
48914937
required DOMString bidCurrency;
48924938

48934939
unsigned long dataVersion;
4940+
unsigned long crossOriginDataVersion;
48944941
sequence<USVString> adComponents;
48954942
boolean forDebuggingOnlyInCooldownOrLockout = false;
48964943
};
@@ -5245,10 +5292,6 @@ An <dfn>auction config</dfn> is a [=struct=] with the following [=struct/items=]
52455292
Provide a mechanism for making real-time data (information about a specific [=ad creative=])
52465293
available for use at [=evaluate a scoring script|scoring=] time, e.g. the results of some ad
52475294
scanning system.
5248-
<p class="note">
5249-
When non-null, the [=auction config/trusted scoring signals url=]'s [=origin=] will always be
5250-
[=same origin=] with [=auction config/seller=].
5251-
</p>
52525295
: <dfn>max trusted scoring signals url length</dfn>
52535296
:: A {{long}} integer, initially 0. Indicates the maximum trusted scoring signals fetch url length
52545297
for the auction config. 0 means no limit.

0 commit comments

Comments
 (0)