CDN Sheparded Creative Rendering
Update: changed from likely to mostly, as there are kind of two ideas inherent here:
- Using nested iframes to pass information from the publisher page into the rendering frame.
- Having a known, open source, etc, thing that two ad techs can inspect and "trust" the behavior of, i.e. trust that a vast notify will be applied or a native styling styled.
Overview
One of the designed challenges in PAAPI auctions and rendering is being able to inject publisher information into the rendering environment. This impacts features such as native and video rendering, the ability to use postMessage securely, the ability to communicate directly with the publisher for verification, various macro and pixel renderings, brand safety.
Challenges with Initial Solutions
There are some happy path possibilities for this communication which get challenging. They are explored here.
Goal
We'd like a way to pass non-identifying information back and forth between the DSPs iframe and the publisher and SSPs frame, to maintain functionality listed above while the ecosystem adjusts to the changes in a more fundamental way. A good solution must:
- Allow for multiple slots on page to run a private auction with the information relevant to that auction.
- Note that while it's expected some information is common across all slots, not all is, such as tag and sizes.
- Not require different renderUrls per (DSP, SSP) tuple.
- Not add implementation constraints on how a SSP must code it's auction and use browser APIs.
- Be performant and cost effective.
- Allow the normal functionality of PAAPI to operate, such as reportEvent, reportResult, reportWin, etc, OR completely replace it in a predictable way.
Ideally it would also:
- Allow a DSP to ultimately render inside its own frame.
- Allow the DSP and SSP to communicate on page.
- Allow the DSP/advertiser to communicate to the publisher for things like verification.
- Allow the DSP/advertiser to know the page it's rendering on, or information about that page.
Test
Setup
For our setup we have:
- An advertiser (pst-advertiser.com) and a publisher (pst-publisher.com) that a user interacts with.
- The advertiser uses a DSP (pst-dsp.com) as a technology platform to manage and activate it's buys.
- The publisher uses an SSP (pst-ssp.com) as a technology platform to monetize it's inventory.
- There are also two bootstrap scripts that live on a cdn, which are used by the buyer in their renderUrl.
The user (you!) will visit an advertiser page where the DSP will drop an IG for later targeting using tech from pst-dsp.com; following that a visit is made (by you!) to a publisher page where code loaded from the SSP domain runs auctions. The goal is to demonstrate the ability to get information available in the publisher context, such as auction and tag IDs, into the rendering frame, meeting all of the musts from above and as many of the ideallys as we can.
Note that the cdn is https://d13qknb5muaj3m.cloudfront.net/ but we'll refer to CDN.com here for ease of reading.
Steps
Let's give it a try:
- Setup: First we clear logs to start with a clean slate (no tricks!).
- Advertiser Page: We visit an advertisers product page
which loads its DSPs data gathering tech, and an IG is created owned by pst-dsp.com.
All renderUrls are of the form cdn.com/render-target?dsp=somedsp&actualRenderUrl=base64encode(actualTargetUrl)&OtherInfo=..., where
- cdn.com is known in advance
- actualRenderUrl will be used later for loading a URL from the DSP.
- dsp is the origin of the DSP, or more accurately it's render frame origin
- Publisher Page-Auctions: Next we visit the publishers page
where the pub's SSP has code loaded from pst-ssp.com, which finds any slots on page configured for an auction
with the "injectadshere" label (name). For the purposes of the demo we skip the contextual auction, and instead only run a Private
Auction occurs for each slot, inviting pst-dsp.com to the auction.
- Publisher Page-Bootstrap Winner: The Private Bid wins and SSP tech on page creates an iframe pointing at The Known CDN Bootstrapper on cdn.com, with src of the form
cdn.com/render-bootstrapper.html?AuctionResult=URNifiedRenderURL&ContextualInfo=encodedcontextualinfo&topLevelOrigin=tld,
where the AuctionResult is the opaque URN'ified renderUrl from the winning private bid, ContextualInfo represents information from
the publisher context.
- See "step 4: bootstrapping" here.
- Publisher Page-CDN Bootstrapper: Browser loads the cdn.com/render-bootstrapper.html which contains JS to:
Take the AuctionResult, which is the opaqueURN representation of the winning bids renderUrl, which we know is the render-url script from the CDN,
and creates an iframe with that as its src
- Publisher Page-CDN Renderer: The browser loads the opaqueURN iframe. The
render-url script
loads, and JS executing in it can grab query params from it's own frame (including actualRenderUrl) and the parent frame (due to the
same origin) including all that publisher page info:
- Pulls the ContextualInfo from the parent frame (/render-bootstrapper)
- Pulls the origin of the top level page from the parent frame.
- Pulls the actualRenderUrl from its frame, adds on the contextual info and TLD as query params and then creates an iframe with that as the src.
- Publisher Page-Advertisers Creative: The "actualTargetUrl" iframe presumably loads from the DSPs own servers and does what it needs to do with the contextual info
for rendering and reporting.
- Verify: We can check the report_win_log and report_result_log to verify they were invoked properly.