npm - prebid.js - Versions diffs - 7.50.0 → 7.52.0 - Mend

prebid.js 7.50.0 → 7.52.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (240) hide show

package/dist/33acrossBidAdapter.js +1 -1
package/dist/33acrossIdSystem.js +1 -1
package/dist/adagioBidAdapter.js +1 -1
package/dist/adbookpspBidAdapter.js +1 -1
package/dist/adgenerationBidAdapter.js +1 -1
package/dist/adhashBidAdapter.js +1 -1
package/dist/adkernelBidAdapter.js +1 -1
package/dist/admanBidAdapter.js +1 -1
package/dist/adnuntiusBidAdapter.js +1 -1
package/dist/adqueryBidAdapter.js +1 -1
package/dist/adrelevantisBidAdapter.js +1 -1
package/dist/adrinoBidAdapter.js +1 -1
package/dist/adriverIdSystem.js +1 -1
package/dist/adtelligentBidAdapter.js +1 -1
package/dist/adtrgtmeBidAdapter.js +1 -1
package/dist/adxcgBidAdapter.js +1 -1
package/dist/adyoulikeBidAdapter.js +1 -1
package/dist/ajaBidAdapter.js +1 -1
package/dist/allowActivities.js +1 -0
package/dist/amxBidAdapter.js +1 -1
package/dist/amxIdSystem.js +1 -1
package/dist/appierAnalyticsAdapter.js +1 -1
package/dist/appnexusBidAdapter.js +1 -1
package/dist/asoBidAdapter.js +1 -1
package/dist/axonixBidAdapter.js +1 -1
package/dist/bidglassBidAdapter.js +1 -1
package/dist/big-richmediaBidAdapter.js +1 -1
package/dist/bridgewellBidAdapter.js +1 -1
package/dist/brightMountainMediaBidAdapter.js +1 -1
package/dist/carodaBidAdapter.js +1 -1
package/dist/chtnwBidAdapter.js +1 -1
package/dist/cleanioRtdProvider.js +1 -1
package/dist/concertBidAdapter.js +1 -1
package/dist/connectIdSystem.js +1 -1
package/dist/connectadBidAdapter.js +1 -1
package/dist/consumableBidAdapter.js +1 -1
package/dist/conversantAnalyticsAdapter.js +1 -1
package/dist/conversantBidAdapter.js +1 -1
package/dist/craftBidAdapter.js +1 -1
package/dist/criteoBidAdapter.js +1 -1
package/dist/cwireBidAdapter.js +1 -1
package/dist/dependencies.json +6 -0
package/dist/dspxBidAdapter.js +1 -1
package/dist/eplanningBidAdapter.js +1 -1
package/dist/feedadBidAdapter.js +1 -1
package/dist/finativeBidAdapter.js +1 -1
package/dist/freewheel-sspBidAdapter.js +1 -1
package/dist/gdprEnforcement.js +1 -1
package/dist/glimpseBidAdapter.js +1 -1
package/dist/gmosspBidAdapter.js +1 -1
package/dist/goldbachBidAdapter.js +1 -1
package/dist/greenbidsAnalyticsAdapter.js +1 -1
package/dist/greenbidsRtdProvider.js +1 -1
package/dist/gridBidAdapter.js +1 -1
package/dist/growthCodeRtdProvider.js +1 -0
package/dist/gumgumBidAdapter.js +1 -1
package/dist/h12mediaBidAdapter.js +1 -1
package/dist/id5IdSystem.js +1 -1
package/dist/improvedigitalBidAdapter.js +1 -1
package/dist/inmarBidAdapter.js +1 -1
package/dist/insticatorBidAdapter.js +1 -1
package/dist/ixBidAdapter.js +1 -1
package/dist/justpremiumBidAdapter.js +1 -1
package/dist/kargoBidAdapter.js +1 -1
package/dist/konduitAnalyticsAdapter.js +1 -1
package/dist/kueezBidAdapter.js +1 -1
package/dist/kueezRtbBidAdapter.js +1 -1
package/dist/kulturemediaBidAdapter.js +1 -1
package/dist/lassoBidAdapter.js +1 -1
package/dist/lifestreetBidAdapter.js +1 -1
package/dist/liveyieldAnalyticsAdapter.js +1 -1
package/dist/logicadBidAdapter.js +1 -1
package/dist/loglyliftBidAdapter.js +1 -1
package/dist/magniteAnalyticsAdapter.js +1 -1
package/dist/malltvAnalyticsAdapter.js +1 -1
package/dist/marsmediaBidAdapter.js +1 -1
package/dist/mediafuseBidAdapter.js +1 -1
package/dist/mediasquareBidAdapter.js +1 -1
package/dist/mgidBidAdapter.js +1 -1
package/dist/minutemediaBidAdapter.js +1 -1
package/dist/minutemediaplusBidAdapter.js +1 -1
package/dist/nexx360BidAdapter.js +1 -1
package/dist/not-for-prod/prebid.js +144 -140
package/dist/objectGuard.js +1 -0
package/dist/oguryBidAdapter.js +1 -1
package/dist/onetagBidAdapter.js +1 -1
package/dist/ooloAnalyticsAdapter.js +1 -1
package/dist/optidigitalBidAdapter.js +1 -1
package/dist/outbrainBidAdapter.js +1 -1
package/dist/oxxionAnalyticsAdapter.js +1 -0
package/dist/pairIdSystem.js +1 -1
package/dist/parrableIdSystem.js +1 -1
package/dist/pixfutureBidAdapter.js +1 -1
package/dist/prebid-core.js +1 -1
package/dist/prebidServerBidAdapter.js +1 -1
package/dist/publinkIdSystem.js +1 -1
package/dist/pubmaticBidAdapter.js +1 -1
package/dist/pubwiseAnalyticsAdapter.js +1 -1
package/dist/pxyzBidAdapter.js +1 -1
package/dist/quantcastBidAdapter.js +1 -1
package/dist/readpeakBidAdapter.js +1 -1
package/dist/relaidoBidAdapter.js +1 -1
package/dist/retailspotBidAdapter.js +1 -1
package/dist/rhythmoneBidAdapter.js +1 -1
package/dist/riseBidAdapter.js +1 -1
package/dist/rtdModule.js +1 -1
package/dist/rubiconAnalyticsAdapter.js +1 -1
package/dist/rubiconBidAdapter.js +1 -1
package/dist/seedingAllianceBidAdapter.js +1 -1
package/dist/seedtagBidAdapter.js +1 -1
package/dist/sharethroughAnalyticsAdapter.js +1 -1
package/dist/sharethroughBidAdapter.js +1 -1
package/dist/shinezBidAdapter.js +1 -1
package/dist/smaatoBidAdapter.js +1 -1
package/dist/smartadserverBidAdapter.js +1 -1
package/dist/smartxBidAdapter.js +1 -1
package/dist/smilewantedBidAdapter.js +1 -1
package/dist/sonobiBidAdapter.js +1 -1
package/dist/sovrnAnalyticsAdapter.js +1 -1
package/dist/sovrnBidAdapter.js +1 -1
package/dist/sspBCBidAdapter.js +1 -1
package/dist/stvBidAdapter.js +1 -1
package/dist/sublimeBidAdapter.js +1 -1
package/dist/synacormediaBidAdapter.js +1 -1
package/dist/targetVideoBidAdapter.js +1 -1
package/dist/teadsBidAdapter.js +1 -1
package/dist/trionBidAdapter.js +1 -1
package/dist/tripleliftBidAdapter.js +1 -1
package/dist/ttdBidAdapter.js +1 -1
package/dist/ucfunnelAnalyticsAdapter.js +1 -1
package/dist/uid2IdSystem.js +1 -1
package/dist/underdogmediaBidAdapter.js +1 -1
package/dist/undertoneBidAdapter.js +1 -1
package/dist/userId.js +1 -1
package/dist/vidazooBidAdapter.js +1 -1
package/dist/videobyteBidAdapter.js +1 -1
package/dist/visxBidAdapter.js +1 -1
package/dist/vuukleBidAdapter.js +1 -1
package/dist/widespaceBidAdapter.js +1 -1
package/dist/winrBidAdapter.js +1 -1
package/dist/yahoosspBidAdapter.js +1 -1
package/dist/yieldmoBidAdapter.js +1 -1
package/dist/yieldoneAnalyticsAdapter.js +1 -1
package/dist/zeta_global_sspBidAdapter.js +1 -1
package/integrationExamples/gpt/growthcode.html +20 -9
package/libraries/objectGuard/objectGuard.js +108 -0
package/libraries/objectGuard/ortbGuard.js +88 -0
package/modules/adgenerationBidAdapter.js +14 -5
package/modules/adhashBidAdapter.js +28 -17
package/modules/adkernelBidAdapter.js +2 -1
package/modules/admanBidAdapter.js +30 -22
package/modules/adnuntiusBidAdapter.js +98 -79
package/modules/adnuntiusBidAdapter.md +2 -1
package/modules/adqueryBidAdapter.js +7 -1
package/modules/adrinoBidAdapter.js +1 -0
package/modules/adriverIdSystem.js +1 -1
package/modules/adtelligentBidAdapter.js +4 -2
package/modules/allowActivities.js +74 -0
package/modules/appnexusBidAdapter.js +1 -0
package/modules/cleanioRtdProvider.js +2 -4
package/modules/connectIdSystem.js +89 -13
package/modules/connectIdSystem.md +4 -7
package/modules/criteoBidAdapter.js +50 -3
package/modules/freewheel-sspBidAdapter.js +10 -2
package/modules/gdprEnforcement.js +98 -169
package/modules/growthCodeRtdProvider.js +131 -0
package/modules/growthCodeRtdProvider.md +55 -0
package/modules/gumgumBidAdapter.js +5 -0
package/modules/ixBidAdapter.js +5 -2
package/modules/minutemediaBidAdapter.js +13 -3
package/modules/oxxionAnalyticsAdapter.js +212 -0
package/modules/oxxionAnalyticsAdapter.md +33 -0
package/modules/pairIdSystem.js +6 -6
package/modules/prebidServerBidAdapter/index.js +7 -8
package/modules/pubmaticBidAdapter.js +1 -0
package/modules/riseBidAdapter.js +13 -3
package/modules/rtbhouseBidAdapter.md +24 -0
package/modules/rtdModule/index.js +12 -1
package/modules/sharethroughBidAdapter.js +2 -2
package/modules/smartadserverBidAdapter.js +5 -0
package/modules/stvBidAdapter.js +34 -1
package/modules/undertoneBidAdapter.js +9 -1
package/modules/userId/index.js +69 -41
package/modules/yahoosspBidAdapter.js +45 -3
package/modules/yahoosspBidAdapter.md +1 -1
package/modules/zeta_global_sspBidAdapter.js +1 -0
package/package.json +1 -1
package/src/activities/activities.js +47 -0
package/src/activities/activityParams.js +8 -0
package/src/activities/modules.js +1 -1
package/src/activities/params.js +59 -0
package/src/activities/redactor.js +157 -0
package/src/activities/rules.js +95 -0
package/src/adapterManager.js +45 -8
package/src/adloader.js +2 -1
package/src/fpd/rootDomain.js +1 -1
package/src/native.js +20 -4
package/src/prebid.js +1 -1
package/src/storageManager.js +57 -44
package/src/userSync.js +35 -18
package/test/spec/activities/allowActivites_spec.js +138 -0
package/test/spec/activities/objectGuard_spec.js +144 -0
package/test/spec/activities/ortbGuard_spec.js +140 -0
package/test/spec/activities/params_spec.js +25 -0
package/test/spec/activities/redactor_spec.js +296 -0
package/test/spec/activities/rules_spec.js +135 -0
package/test/spec/modules/adgenerationBidAdapter_spec.js +52 -12
package/test/spec/modules/adhashBidAdapter_spec.js +51 -1
package/test/spec/modules/admanBidAdapter_spec.js +1 -2
package/test/spec/modules/adnuntiusBidAdapter_spec.js +535 -264
package/test/spec/modules/adqueryBidAdapter_spec.js +9 -0
package/test/spec/modules/adrinoBidAdapter_spec.js +4 -0
package/test/spec/modules/adtelligentBidAdapter_spec.js +1 -0
package/test/spec/modules/cleanioRtdProvider_spec.js +7 -8
package/test/spec/modules/connectIdSystem_spec.js +291 -23
package/test/spec/modules/criteoBidAdapter_spec.js +134 -2
package/test/spec/modules/freewheel-sspBidAdapter_spec.js +5 -2
package/test/spec/modules/gdprEnforcement_spec.js +127 -414
package/test/spec/modules/growthCodeRtdProvider_spec.js +127 -0
package/test/spec/modules/gumgumBidAdapter_spec.js +14 -0
package/test/spec/modules/ixBidAdapter_spec.js +2 -1
package/test/spec/modules/minutemediaBidAdapter_spec.js +69 -1
package/test/spec/modules/oxxionAnalyticsAdapter_spec.js +324 -0
package/test/spec/modules/pairIdSystem_spec.js +16 -3
package/test/spec/modules/prebidServerBidAdapter_spec.js +3 -1
package/test/spec/modules/pubmaticBidAdapter_spec.js +7 -0
package/test/spec/modules/realTimeDataModule_spec.js +1 -1
package/test/spec/modules/riseBidAdapter_spec.js +69 -1
package/test/spec/modules/sharethroughBidAdapter_spec.js +1 -1
package/test/spec/modules/smartadserverBidAdapter_spec.js +42 -0
package/test/spec/modules/stvBidAdapter_spec.js +13 -1
package/test/spec/modules/undertoneBidAdapter_spec.js +57 -1
package/test/spec/modules/userId_spec.js +80 -21
package/test/spec/modules/yahoosspBidAdapter_spec.js +103 -51
package/test/spec/modules/zeta_global_sspBidAdapter_spec.js +4 -0
package/test/spec/native_spec.js +12 -12
package/test/spec/unit/core/adapterManager_spec.js +181 -1
package/test/spec/unit/core/storageManager_spec.js +76 -68
package/test/spec/unit/pbjs_api_spec.js +15 -25
package/test/spec/userSync_spec.js +45 -16

package/src/activities/rules.js ADDED Viewed

@@ -0,0 +1,95 @@
+import {prefixLog} from '../utils.js';
+import {ACTIVITY_PARAM_COMPONENT} from './params.js';
+export function ruleRegistry(logger = prefixLog('Activity control:')) {
+  const registry = {};
+  function getRules(activity) {
+    return registry[activity] = registry[activity] || [];
+  }
+  function runRule(activity, name, rule, params) {
+    let res;
+    try {
+      res = rule(params);
+    } catch (e) {
+      logger.logError(`Exception in rule ${name} for '${activity}'`, e);
+      res = {allow: false, reason: e};
+    }
+    return res && Object.assign({activity, name, component: params[ACTIVITY_PARAM_COMPONENT]}, res);
+  }
+  const dupes = {};
+  const DEDUPE_INTERVAL = 1000;
+  function logResult({activity, name, allow, reason, component}) {
+    const msg = `${name} ${allow ? 'allowed' : 'denied'} '${activity}' for '${component}'${reason ? ':' : ''}`;
+    const deduping = dupes.hasOwnProperty(msg);
+    if (deduping) {
+      clearTimeout(dupes[msg]);
+    }
+    dupes[msg] = setTimeout(() => delete dupes[msg], DEDUPE_INTERVAL);
+    if (!deduping) {
+      const parts = [msg];
+      reason && parts.push(reason);
+      (allow ? logger.logInfo : logger.logWarn).apply(logger, parts);
+    }
+  }
+  return [
+    /**
+     * Register an activity control rule.
+     *
+     * @param {string} activity activity name - set is defined in `activities.js`
+     * @param {string} ruleName a name for this rule; used for logging.
+     * @param {function({}): {allow: boolean, reason?: string}} rule definition function. Takes in activity
+     *        parameters as a single map; MAY return an object {allow, reason}, where allow is true/false,
+     *        and reason is an optional message used for logging.
+     *
+     *        {allow: true} will allow this activity AS LONG AS no other rules with same or higher priority return {allow: false};
+     *        {allow: false} will deny this activity AS LONG AS no other rules with higher priority return {allow: true};
+     *        returning null/undefined has no effect - the decision is left to other rules.
+     *        If no rule returns an allow value, the default is to allow the activity.
+     *
+     * @param {number} priority rule priority; lower number means higher priority
+     * @returns {function(void): void} a function that unregisters the rule when called.
+     */
+    function registerActivityControl(activity, ruleName, rule, priority = 10) {
+      const rules = getRules(activity);
+      const pos = rules.findIndex(([itemPriority]) => priority < itemPriority);
+      const entry = [priority, ruleName, rule];
+      rules.splice(pos < 0 ? rules.length : pos, 0, entry);
+      return function () {
+        const idx = rules.indexOf(entry);
+        if (idx >= 0) rules.splice(idx, 1);
+      }
+    },
+    /**
+     * Test whether an activity is allowed.
+     *
+     * @param {string} activity activity name
+     * @param {{}} params activity parameters; should be generated through the `activityParams` utility.
+     * @return {boolean} true for allow, false for deny.
+     */
+    function isActivityAllowed(activity, params) {
+      let lastPriority, foundAllow;
+      for (const [priority, name, rule] of getRules(activity)) {
+        if (lastPriority !== priority && foundAllow) break;
+        lastPriority = priority;
+        const ruleResult = runRule(activity, name, rule, params);
+        if (ruleResult) {
+          if (!ruleResult.allow) {
+            logResult(ruleResult);
+            return false;
+          } else {
+            foundAllow = ruleResult;
+          }
+        }
+      }
+      foundAllow && logResult(foundAllow);
+      return true;
+    }
+  ];
+}
+export const [registerActivityControl, isActivityAllowed] = ruleRegistry();

package/src/adapterManager.js CHANGED Viewed

@@ -31,18 +31,28 @@ import {hook} from './hook.js';
 import {find, includes} from './polyfill.js';
 import {adunitCounter} from './adUnits.js';
 import {getRefererInfo} from './refererDetection.js';
-import {GdprConsentHandler, UspConsentHandler, GppConsentHandler, GDPR_GVLIDS} from './consentHandler.js';
+import {GDPR_GVLIDS, GdprConsentHandler, GppConsentHandler, UspConsentHandler} from './consentHandler.js';
 import * as events from './events.js';
 import CONSTANTS from './constants.json';
 import {useMetrics} from './utils/perfMetrics.js';
 import {auctionManager} from './auctionManager.js';
-import {MODULE_TYPE_ANALYTICS, MODULE_TYPE_BIDDER} from './activities/modules.js';
+import {MODULE_TYPE_ANALYTICS, MODULE_TYPE_BIDDER, MODULE_TYPE_PREBID} from './activities/modules.js';
+import {isActivityAllowed} from './activities/rules.js';
+import {ACTIVITY_FETCH_BIDS, ACTIVITY_REPORT_ANALYTICS} from './activities/activities.js';
+import {ACTIVITY_PARAM_ANL_CONFIG, ACTIVITY_PARAM_S2S_NAME, activityParamsBuilder} from './activities/params.js';
+import {redactor} from './activities/redactor.js';
+const PBS_ADAPTER_NAME = 'pbsBidAdapter';
 export const PARTITIONS = {
   CLIENT: 'client',
   SERVER: 'server'
 }
+export const dep = {
+  isAllowed: isActivityAllowed,
+  redact: redactor
+}
 let adapterManager = {};
 let _bidderRegistry = adapterManager.bidderRegistry = {};
@@ -57,6 +67,8 @@ config.getConfig('s2sConfig', config => {
 var _analyticsRegistry = {};
+const activityParams = activityParamsBuilder((alias) => adapterManager.resolveAlias(alias));
 /**
  * @typedef {object} LabelDescriptor
  * @property {boolean} labelAll describes whether or not this object expects all labels to match, or any label to match
@@ -139,7 +151,7 @@ function getAdUnitCopyForPrebidServer(adUnits, s2sConfig) {
   adUnitsCopy.forEach((adUnit) => {
     // filter out client side bids
-    const s2sBids = adUnit.bids.filter((b) => b.module === 'pbsBidAdapter' && b.params?.configName === s2sConfig.configName);
+    const s2sBids = adUnit.bids.filter((b) => b.module === PBS_ADAPTER_NAME && b.params?.configName === s2sConfig.configName);
     if (s2sBids.length === 1) {
       adUnit.s2sBid = s2sBids[0];
       hasModuleBids = true;
@@ -237,6 +249,10 @@ adapterManager.makeBidRequests = hook('sync', function (adUnits, auctionStart, a
   if (FEATURES.NATIVE) {
     decorateAdUnitsWithNativeParams(adUnits);
   }
+  // filter out bidders that cannot participate in the auction
+  adUnits.forEach(au => au.bids = au.bids.filter((bid) => !bid.bidder || dep.isAllowed(ACTIVITY_FETCH_BIDS, activityParams(MODULE_TYPE_BIDDER, bid.bidder))))
   adUnits = setupAdUnitMediaTypes(adUnits, labels);
   let {[PARTITIONS.CLIENT]: clientBidders, [PARTITIONS.SERVER]: serverBidders} = partitionBidders(adUnits, _s2sConfigs);
@@ -252,14 +268,24 @@ adapterManager.makeBidRequests = hook('sync', function (adUnits, auctionStart, a
   const bidderOrtb2 = ortb2Fragments.bidder || {};
   function addOrtb2(bidderRequest) {
-    const fpd = Object.freeze(mergeDeep({}, ortb2, bidderOrtb2[bidderRequest.bidderCode]));
+    const redact = dep.redact(activityParams(MODULE_TYPE_BIDDER, bidderRequest.bidderCode));
+    const fpd = Object.freeze(redact.ortb2(mergeDeep({}, ortb2, bidderOrtb2[bidderRequest.bidderCode])));
     bidderRequest.ortb2 = fpd;
-    bidderRequest.bids.forEach((bid) => bid.ortb2 = fpd);
+    bidderRequest.bids = bidderRequest.bids.map((bid) => {
+      bid.ortb2 = fpd;
+      return redact.bidRequest(bid);
+    })
     return bidderRequest;
   }
+  function isS2SAllowed(s2sConfig) {
+    return dep.isAllowed(ACTIVITY_FETCH_BIDS, activityParams(MODULE_TYPE_PREBID, PBS_ADAPTER_NAME, {
+      [ACTIVITY_PARAM_S2S_NAME]: s2sConfig.configName
+    }));
+  }
   _s2sConfigs.forEach(s2sConfig => {
-    if (s2sConfig && s2sConfig.enabled) {
+    if (s2sConfig && s2sConfig.enabled && isS2SAllowed(s2sConfig)) {
       let {adUnits: adUnitsS2SCopy, hasModuleBids} = getAdUnitCopyForPrebidServer(adUnits, s2sConfig);
       // uniquePbsTid is so we know which server to send which bids to during the callBids function
@@ -338,7 +364,6 @@ adapterManager.makeBidRequests = hook('sync', function (adUnits, auctionStart, a
       bidRequest['gppConsent'] = gppDataHandler.getConsentData();
     }
   });
   return bidRequests;
 }, 'makeBidRequests');
@@ -529,6 +554,16 @@ adapterManager.aliasBidAdapter = function (bidderCode, alias, options) {
   }
 };
+adapterManager.resolveAlias = function (alias) {
+  let code = alias;
+  let visited;
+  while (_aliasRegistry[code] && (!visited || !visited.has(code))) {
+    code = _aliasRegistry[code];
+    (visited = visited || new Set()).add(code);
+  }
+  return code;
+}
 adapterManager.registerAnalyticsAdapter = function ({adapter, code, gvlid}) {
   if (adapter && code) {
     if (typeof adapter.enableAnalytics === 'function') {
@@ -552,7 +587,9 @@ adapterManager.enableAnalytics = function (config) {
   _each(config, adapterConfig => {
     const entry = _analyticsRegistry[adapterConfig.provider];
     if (entry && entry.adapter) {
-      entry.adapter.enableAnalytics(adapterConfig);
+      if (dep.isAllowed(ACTIVITY_REPORT_ANALYTICS, activityParams(MODULE_TYPE_ANALYTICS, adapterConfig.provider, {[ACTIVITY_PARAM_ANL_CONFIG]: adapterConfig}))) {
+        entry.adapter.enableAnalytics(adapterConfig);
+      }
     } else {
       logError(`Prebid Error: no analytics adapter found in registry for '${adapterConfig.provider}'.`);
     }

package/src/adloader.js CHANGED Viewed

@@ -22,7 +22,8 @@ const _approvedLoadExternalJSList = [
   'improvedigital',
   'aaxBlockmeter',
   'confiant',
-  'arcspan'
+  'arcspan',
+  'clean.io'
 ]
 /**

package/src/fpd/rootDomain.js CHANGED Viewed

@@ -1,7 +1,7 @@
 import {memoize, timestamp} from '../utils.js';
 import {getCoreStorageManager} from '../storageManager.js';
-export const coreStorage = getCoreStorageManager();
+export const coreStorage = getCoreStorageManager('fpdEnrichment');
 /**
  * Find the root domain by testing for the topmost domain that will allow setting cookies.

package/src/native.js CHANGED Viewed

@@ -556,6 +556,21 @@ export function toOrtbNativeRequest(legacyNativeAssets) {
   return ortb;
 }
+/**
+ * Greatest common divisor between two positive integers
+ * https://en.wikipedia.org/wiki/Euclidean_algorithm
+ */
+function gcd(a, b) {
+  while (a && b && a !== b) {
+    if (a > b) {
+      a = a - b;
+    } else {
+      b = b - a;
+    }
+  }
+  return a || b;
+}
 /**
  * This function converts an OpenRTB native request object to Prebid proprietary
  * format. The purpose of this function is to help adapters to handle the
@@ -584,12 +599,13 @@ export function fromOrtbNativeRequest(openRTBRequest) {
       if (asset.img.w && asset.img.h) {
         image.sizes = [asset.img.w, asset.img.h];
       } else if (asset.img.wmin && asset.img.hmin) {
-        image.aspect_ratios = {
+        const scale = gcd(asset.img.wmin, asset.img.hmin)
+        image.aspect_ratios = [{
           min_width: asset.img.wmin,
           min_height: asset.img.hmin,
-          ratio_width: asset.img.wmin,
-          ratio_height: asset.img.hmin
-        }
+          ratio_width: asset.img.wmin / scale,
+          ratio_height: asset.img.hmin / scale
+        }]
       }
       if (asset.img.type === NATIVE_IMAGE_TYPES.MAIN) {

package/src/prebid.js CHANGED Viewed

@@ -1004,7 +1004,7 @@ if (FEATURES.VIDEO) {
     const bids = fetchReceivedBids(markBidRequest, 'Improper use of markWinningBidAsUsed. It needs an adUnitCode or an adId to function.');
     if (bids.length > 0) {
-      bids[0].status = CONSTANTS.BID_STATUS.RENDERED;
+      auctionManager.addWinningBid(bids[0]);
     }
   }
 }

package/src/storageManager.js CHANGED Viewed

@@ -1,7 +1,17 @@
-import {hook} from './hook.js';
-import {checkCookieSupport, hasDeviceAccess, logError, logInfo} from './utils.js';
-import {bidderSettings as defaultBidderSettings} from './bidderSettings.js';
-import {MODULE_TYPE_BIDDER, MODULE_TYPE_CORE} from './activities/modules.js';
+import {checkCookieSupport, hasDeviceAccess, logError} from './utils.js';
+import {bidderSettings} from './bidderSettings.js';
+import {MODULE_TYPE_BIDDER, MODULE_TYPE_PREBID} from './activities/modules.js';
+import {isActivityAllowed, registerActivityControl} from './activities/rules.js';
+import {
+  ACTIVITY_PARAM_ADAPTER_CODE,
+  ACTIVITY_PARAM_COMPONENT_TYPE,
+  ACTIVITY_PARAM_STORAGE_TYPE
+} from './activities/params.js';
+import {ACTIVITY_ACCESS_DEVICE} from './activities/activities.js';
+import {config} from './config.js';
+import adapterManager from './adapterManager.js';
+import {activityParams} from './activities/activityParams.js';
 export const STORAGE_TYPE_LOCALSTORAGE = 'html5';
 export const STORAGE_TYPE_COOKIES = 'cookie';
@@ -11,40 +21,19 @@ export let storageCallbacks = [];
 /*
  *  Storage manager constructor. Consumers should prefer one of `getStorageManager` or `getCoreStorageManager`.
  */
-export function newStorageManager({moduleName, moduleType} = {}, {bidderSettings = defaultBidderSettings} = {}) {
-  function isBidderAllowed(storageType) {
-    if (moduleType !== MODULE_TYPE_BIDDER) {
-      return true;
-    }
-    const storageAllowed = bidderSettings.get(moduleName, 'storageAllowed');
-    if (!storageAllowed || storageAllowed === true) return !!storageAllowed;
-    if (Array.isArray(storageAllowed)) return storageAllowed.some((e) => e === storageType);
-    return storageAllowed === storageType;
-  }
+export function newStorageManager({moduleName, moduleType} = {}, {isAllowed = isActivityAllowed} = {}) {
   function isValid(cb, storageType) {
-    if (!isBidderAllowed(storageType)) {
-      logInfo(`bidderSettings denied access to device storage for bidder '${moduleName}'`);
-      const result = {valid: false};
-      return cb(result);
-    } else {
-      let value;
-      let hookDetails = {
-        hasEnforcementHook: false
-      }
-      validateStorageEnforcement(moduleType, moduleName, hookDetails, function(result) {
-        if (result && result.hasEnforcementHook) {
-          value = cb(result);
-        } else {
-          let result = {
-            hasEnforcementHook: false,
-            valid: hasDeviceAccess()
-          }
-          value = cb(result);
-        }
-      });
-      return value;
+    let mod = moduleName;
+    const curBidder = config.getCurrentBidder();
+    if (curBidder && moduleType === MODULE_TYPE_BIDDER && adapterManager.aliasRegistry[curBidder] === moduleName) {
+      mod = curBidder;
     }
+    const result = {
+      valid: isAllowed(ACTIVITY_ACCESS_DEVICE, activityParams(moduleType, mod, {
+        [ACTIVITY_PARAM_STORAGE_TYPE]: storageType
+      }))
+    };
+    return cb(result);
   }
   function schedule(operation, storageType, done) {
@@ -228,13 +217,6 @@ export function newStorageManager({moduleName, moduleType} = {}, {bidderSettings
   }
 }
-/**
- * This hook validates the storage enforcement if gdprEnforcement module is included
- */
-export const validateStorageEnforcement = hook('async', function(moduleType, moduleName, hookDetails, callback) {
-  callback(hookDetails);
-}, 'validateStorageEnforcement');
 /**
  * Get a storage manager for a particular module.
  *
@@ -262,9 +244,40 @@ export function getStorageManager({moduleType, moduleName, bidderCode} = {}) {
  * @param {string} moduleName Module name
  */
 export function getCoreStorageManager(moduleName) {
-  return newStorageManager({moduleName: moduleName, moduleType: MODULE_TYPE_CORE});
+  return newStorageManager({moduleName: moduleName, moduleType: MODULE_TYPE_PREBID});
 }
+/**
+ * Block all access to storage when deviceAccess = false
+ */
+export function deviceAccessRule() {
+  if (!hasDeviceAccess()) {
+    return {allow: false}
+  }
+}
+registerActivityControl(ACTIVITY_ACCESS_DEVICE, 'deviceAccess config', deviceAccessRule);
+/**
+ * By default, deny bidders accessDevice unless they enable it through bidderSettings
+ *
+ * // TODO: for backwards compat, the check is done on the adapter - rather than bidder's code.
+ */
+export function storageAllowedRule(params, bs = bidderSettings) {
+  if (params[ACTIVITY_PARAM_COMPONENT_TYPE] !== MODULE_TYPE_BIDDER) return;
+  let allow = bs.get(params[ACTIVITY_PARAM_ADAPTER_CODE], 'storageAllowed');
+  if (!allow || allow === true) {
+    allow = !!allow
+  } else {
+    const storageType = params[ACTIVITY_PARAM_STORAGE_TYPE];
+    allow = Array.isArray(allow) ? allow.some((e) => e === storageType) : allow === storageType;
+  }
+  if (!allow) {
+    return {allow};
+  }
+}
+registerActivityControl(ACTIVITY_ACCESS_DEVICE, 'bidderSettings.*.storageAllowed', storageAllowedRule);
 export function resetData() {
   storageCallbacks = [];
 }

package/src/userSync.js CHANGED Viewed

@@ -5,6 +5,15 @@ import {
 import { config } from './config.js';
 import {includes} from './polyfill.js';
 import { getCoreStorageManager } from './storageManager.js';
+import {isActivityAllowed, registerActivityControl} from './activities/rules.js';
+import {ACTIVITY_SYNC_USER} from './activities/activities.js';
+import {
+  ACTIVITY_PARAM_COMPONENT_NAME,
+  ACTIVITY_PARAM_COMPONENT_TYPE,
+  ACTIVITY_PARAM_SYNC_TYPE, ACTIVITY_PARAM_SYNC_URL
+} from './activities/params.js';
+import {MODULE_TYPE_BIDDER} from './activities/modules.js';
+import {activityParams} from './activities/activityParams.js';
 export const USERSYNC_DEFAULT_CONFIG = {
   syncEnabled: true,
@@ -29,10 +38,10 @@ const storage = getCoreStorageManager('usersync');
 /**
  * Factory function which creates a new UserSyncPool.
  *
- * @param {UserSyncDependencies} userSyncDependencies Configuration options and dependencies which the
+ * @param {} deps Configuration options and dependencies which the
  *   UserSync object needs in order to behave properly.
  */
-export function newUserSync(userSyncDependencies) {
+export function newUserSync(deps) {
   let publicApi = {};
   // A queue of user syncs for each adapter
   // Let getDefaultQueue() set the defaults
@@ -50,7 +59,7 @@ export function newUserSync(userSyncDependencies) {
   };
   // Use what is in config by default
-  let usConfig = userSyncDependencies.config;
+  let usConfig = deps.config;
   // Update if it's (re)set
   config.getConfig('userSync', (conf) => {
     // Added this logic for https://github.com/prebid/Prebid.js/issues/4864
@@ -70,6 +79,19 @@ export function newUserSync(userSyncDependencies) {
     usConfig = Object.assign(usConfig, conf.userSync);
   });
+  deps.regRule(ACTIVITY_SYNC_USER, 'userSync config', (params) => {
+    if (!usConfig.syncEnabled) {
+      return {allow: false, reason: 'syncs are disabled'}
+    }
+    if (params[ACTIVITY_PARAM_COMPONENT_TYPE] === MODULE_TYPE_BIDDER) {
+      const syncType = params[ACTIVITY_PARAM_SYNC_TYPE];
+      const bidder = params[ACTIVITY_PARAM_COMPONENT_NAME];
+      if (!publicApi.canBidderRegisterSync(syncType, bidder)) {
+        return {allow: false, reason: `${syncType} syncs are not enabled for ${bidder}`}
+      }
+    }
+  });
   /**
    * @function getDefaultQueue
    * @summary Returns the default empty queue
@@ -89,7 +111,7 @@ export function newUserSync(userSyncDependencies) {
    * @private
    */
   function fireSyncs() {
-    if (!usConfig.syncEnabled || !userSyncDependencies.browserSupportsCookies) {
+    if (!usConfig.syncEnabled || !deps.browserSupportsCookies) {
       return;
     }
@@ -199,14 +221,14 @@ export function newUserSync(userSyncDependencies) {
       return logWarn(`Number of user syncs exceeded for "${bidder}"`);
     }
-    const canBidderRegisterSync = publicApi.canBidderRegisterSync(type, bidder);
-    if (!canBidderRegisterSync) {
-      return logWarn(`Bidder "${bidder}" not permitted to register their "${type}" userSync pixels.`);
+    if (deps.isAllowed(ACTIVITY_SYNC_USER, activityParams(MODULE_TYPE_BIDDER, bidder, {
+      [ACTIVITY_PARAM_SYNC_TYPE]: type,
+      [ACTIVITY_PARAM_SYNC_URL]: url
+    }))) {
+      // the bidder's pixel has passed all checks and is allowed to register
+      queue[type].push([bidder, url]);
+      numAdapterBids = incrementAdapterBids(numAdapterBids, bidder);
     }
-    // the bidder's pixel has passed all checks and is allowed to register
-    queue[type].push([bidder, url]);
-    numAdapterBids = incrementAdapterBids(numAdapterBids, bidder);
   };
   /**
@@ -320,6 +342,8 @@ export function newUserSync(userSyncDependencies) {
 export const userSync = newUserSync(Object.defineProperties({
   config: config.getConfig('userSync'),
+  isAllowed: isActivityAllowed,
+  regRule: registerActivityControl,
 }, {
   browserSupportsCookies: {
     get: function() {
@@ -329,13 +353,6 @@ export const userSync = newUserSync(Object.defineProperties({
   }
 }));
-/**
- * @typedef {Object} UserSyncDependencies
- *
- * @property {UserSyncConfig} config
- * @property {boolean} browserSupportsCookies True if the current browser supports cookies, and false otherwise.
- */
 /**
  * @typedef {Object} UserSyncConfig
  *

package/test/spec/activities/allowActivites_spec.js ADDED Viewed

@@ -0,0 +1,138 @@
+import {config} from 'src/config.js';
+import {ruleRegistry} from '../../../src/activities/rules.js';
+import {updateRulesFromConfig} from '../../../modules/allowActivities.js';
+import {activityParams} from '../../../src/activities/activityParams.js';
+describe('allowActivities config', () => {
+  const MODULE_TYPE = 'test'
+  const MODULE_NAME = 'testMod';
+  const ACTIVITY = 'testActivity';
+  let isAllowed, params;
+  beforeEach(() => {
+    let registerRule;
+    [registerRule, isAllowed] = ruleRegistry();
+    updateRulesFromConfig(registerRule);
+    params = activityParams(MODULE_TYPE, MODULE_NAME)
+  });
+  afterEach(() => {
+    config.resetConfig();
+  });
+  function setupActivityConfig(cfg) {
+    config.setConfig({
+      allowActivities: {
+        [ACTIVITY]: cfg
+      }
+    })
+  }
+  describe('default = false', () => {
+    it('should deny activites with no other rules', () => {
+      setupActivityConfig({
+        default: false
+      })
+      expect(isAllowed(ACTIVITY, {})).to.be.false;
+    });
+    it('should not deny activities that are explicitly allowed', () => {
+      setupActivityConfig({
+        default: false,
+        rules: [
+          {
+            condition({componentName}) {
+              return componentName === MODULE_NAME
+            },
+            allow: true
+          }
+        ]
+      })
+      expect(isAllowed(ACTIVITY, params)).to.be.true;
+    });
+    it('should be removable by a config update', () => {
+      setupActivityConfig({
+        default: false
+      });
+      setupActivityConfig({});
+      expect(isAllowed(ACTIVITY, params)).to.be.true;
+    })
+  });
+  describe('rules', () => {
+    it('are tested for their condition', () => {
+      setupActivityConfig({
+        rules: [{
+          condition({flag}) { return flag },
+          allow: false
+        }]
+      });
+      expect(isAllowed(ACTIVITY, params)).to.be.true;
+      params.flag = true;
+      expect(isAllowed(ACTIVITY, params)).to.be.false;
+    });
+    it('always apply if they have no condition', () => {
+      setupActivityConfig({
+        rules: [{allow: false}]
+      });
+      expect(isAllowed(ACTIVITY, params)).to.be.false;
+    });
+    it('do not choke when the condition throws', () => {
+      setupActivityConfig({
+        rules: [{
+          condition() {
+            throw new Error()
+          },
+          allow: true
+        }]
+      });
+      expect(isAllowed(ACTIVITY, params)).to.be.false;
+    });
+    it('does not pass private (underscored) parameters to condition', () => {
+      setupActivityConfig({
+        rules: [{
+          condition({_priv}) { return _priv },
+          allow: false
+        }]
+      });
+      params._priv = true;
+      expect(isAllowed(ACTIVITY, params)).to.be.true;
+    })
+    it('are evaluated in order of priority', () => {
+      setupActivityConfig({
+        rules: [{
+          priority: 1000,
+          allow: false
+        }, {
+          priority: 100,
+          allow: true
+        }]
+      });
+      expect(isAllowed(ACTIVITY, params)).to.be.true;
+    });
+    it('can be set with priority 0', () => {
+      setupActivityConfig({
+        rules: [{
+          allow: false
+        }, {
+          priority: 0,
+          allow: true
+        }]
+      });
+      expect(isAllowed(ACTIVITY, params)).to.be.true;
+    })
+    it('can be reset with a config update', () => {
+      setupActivityConfig({
+        allow: false
+      });
+      config.setConfig({allowActivities: {}});
+      expect(isAllowed(ACTIVITY, params)).to.be.true;
+    });
+  });
+});