Consider configurable subdomains

[SmartHubSolutions]

Dear Prebid Server team,

We were informed about the upcoming updates which is outlined in your documentation on Github Issue #2437 (https://github.com/prebid/prebid-server/issues/2437). Our Prebid server adapter contains dynamic subdomains, as can be seen at https://github.com/prebid/prebid-server/blob/master/static/bidder-info/smarthub.yaml#L1.

We are an adtech company that provides solutions for various businesses(clients). To minimize the number of adapters we use, we have implemented a routing mechanism through subdomains. This is critical for us, and we are concerned that the new restrictions may affect our adapter.

Can you please advise us on what we should do in this situation? We would greatly appreciate any recommendations or advice you can offer.

Thank you for your time and consideration.

Best regards. Helen Zolotavina Project Manager

[bretg]

We appreciate that you're getting ahead of this issue @SmartHubSolutions .

The initial enforcement event will allow dynamic subdomains, but:

• we will not allow fully dynamic hosts
• we want the community to think long and hard about WHY any dynamic domains are needed at all.

So {{.Host}}-prebid.smart-hub.io will be ok for 2023, but dynamic domains are a risk and a burden to the Prebid Server host company, and we do not believe there is any reason that bidders must depend on them.

To minimize the number of adapters we use, we have implemented a routing mechanism through subdomains

Please defend this statement. We do not believe dynamic domains or sub-domains are strictly required any scenario at all. In every case we can think of, having a dynamic component in the query string should suffice.

Let's take an explicit use case and guess that your requirement is to run an entirely separate cluster of servers for each customer, or perhaps clusters of customers. This seems like an extreme requirement, but might be useful for service-level reasons.

The obvious solution is to add a query string parameter, and use a load balancer to inspect the query string and send the request to the appropriate back-end cluster. Almost all modern load balancers allow inspection of query string parameters.

[SmartHubSolutions]

Hi @bretg, Thank you for your message and sorry for the late reply.

We've mentioned previously that dynamic subdomains are a necessary requirement for our business operations, and our clients' success, so we would like to clarify why.

As a provider of white label solutions for multiple companies, we have independent server clusters for each of our clients. Dynamic subdomains allow us to indicate the specific client cluster, which is critical for our operations.

While we understand your suggestion of using intermediate servers to route traffic, this would definitely increase response time and result in lost profits for our clients. Additionally, publishers often send traffic to multiple white label solutions (platforms), so asking to specify the correct domain in pbs.yaml is not a feasible solution for them.

Furthermore, dynamic subdomains allow our clients to receive traffic from Prebid on the very first day of their work, making the Prebid Server solution a more attractive integration option.

We appreciate your consideration and look forward to continued collaboration within the Prebid community.

[bretg]

@SmartHubSolutions - we appreciate that this feature makes your lives easier, but at the same time, we hope you recognize that it's a potential threat (or at least headache) to Prebid Server host companies. Malicious actors could spam Prebid Server with thousands of unique {{.Host}}-prebid.smart-hub.io combinations, forcing PBS to do DNS lookups and hold open useless connections.

Is it feasible to consider providing a configured list of valid subdomains with your adapter. e.g.

adapters:
  smarthub:
    endpoint: http://{{Host}}-prebid.smart-hub.io/?seat={{AccountId}}&token={{SourceId}}
    meta-info:
      subdomains:
        - a
        - b
        - c

[bretg]

Discussed in committee. Configurable domains will not scale will if publisher is a key. We agree to let go of this proposal. It may come up again if a host company reports problems resulting from dynamic subdomains.