search

InteractiveAdvertisingBureau / GDPR-Transparency-and-Consent-Framework

Technical specifications for IAB Europe Transparency and Consent Framework that will help the digital advertising industry interpret and comply with EU rules on data protection and privacy - notably the General Data Protection Regulation (GDPR) that comes into effect on May 25, 2018.
855 stars 359 forks source link

Consent String via postMessage #337

Closed verasitytech closed 10 months ago

verasitytech commented 1 year ago

Context: scenario where the code seeking for the consent from the user is embedded into publisher's page using an iframe and origin of the iframe differs from the publisher's domain. TCF 2.0 has a great feature to deal with such case where the consent string is passed via the postMessage between main window and an iframe.

Does deprecation of getTCData break the above mentioned feature? What would be the alternative way for an iframe content to request the consent string given that the cross origin policy does not allow scripts to interact directly?

janwinkler commented 1 year ago

the postMessage functionality will remain the same, only that you shall now call the addEventListener command and that you need to consider that your callback function may be called multiple times