Closed bretg closed 6 months ago
POC implementation: https://github.com/prebid/prebid-server/pull/3381
Thoughts on changing the config a bit so that cookiedeprecation
is an object and also shortening expirationsec
to ttlsec
to be more in line with other configuration?
auction.privacysandbox.cookiedeprecation.enabled: false
auction.privacysandbox.cookiedeprecation.ttlsec: secondsForExpiration
@bsardo - fine - done and updated above.
- If the value is a string that's less than 100 characters, copy it to $.device.ext.cdep. If it's greater than 100 chars, add a debug warning.
As written, if it is greater than 100 chars we don't want to copy it to $.device.ext.cdep
but rather just emit a debug warning. I just want to confirm that is the intended behavior as this subject came up on the PR.
Ok, updated the text to "If it's greater than 100 chars, don't copy and instead add a debug warning."
I cannot see this value being larger than 100 chars without a major change in the way these testing labels work.
Implemented in PBS-Go v2.10.0.
Looks like it was implemented in PBS-Java v2.11.0. Waiting for confirmation before closing.
Yeah, confirming that this was released in https://github.com/prebid/prebid-server-java/releases/tag/2.11.0 Closing this issue.
As described in https://developer.chrome.com/docs/privacy-sandbox/chrome-testing, Prebid Server should support reading the special 'cookie deprecation header' that can be sent by Chrome browsers during the Privacy Sandbox testing period.
In order to receive the
Sec-Cookie-Deprecation
header however, Prebid Server needs to set the following cookie in every publisher's domain:Cookie Deprecation Config
Support a new account-level config to change the setting of the cookie and reading the test header
Proposed config value is
Defaults to
false
since some publishers and bidder lawyers are sensitive about keeping lists of which cookies are set as a result of a page visit./cookie_sync endpoint
In order to get the Sec-Cookie-Deprecation header as early as possible, it's proposed that the /cookie_sync endpoint set the receive-cookie-deprecation in the sync response. This has the desirable side effect of limiting the reading of Sec-Cookie-Deprecation to Prebid.js requests. It's not relevant for mobile app, CTV, DOOH, etc.
uids
cookie), then don't do anything since it's already been set.Set-Cookie: receive-cookie-deprecation
as defined above. Read the cookiedeprecationexpirationsec config to set the Max-Age./auction endpoint
The job of the /auction endpoint is to read the Sec-Cookie-Deprecation header and add the results to the ORTB request.