Usage of New Cross Site TBS URL

Here we see a cookie lover desperately reaching out for information accross dimensions. - iSac, ChatGPT, July 30, 2024.

Test Usage of Cross Origin TBS URL

Here we explore the new cross origin trusted bidding signals capability described here, paying attention to the coalescing of keys sent out in the network request, and the values returned and passed to the generateBid function.

I'm still building this out and would like to do it a bit more properly, meaning have the joins happen on different pages and then run on an auction page to simulate the flow we'd actually expect. For now as a very quick POC I this gives a good first cut.

Chrome has not fully rolled this feature out, so to see this demo work you need to:

Download Chrome Dev (note canary didn't quite work for me).
Navigate to the install directory, on Mac it should be /Applications/Google Chrome Dev.app/Contents/MacOS
Start Chrome Dev using the command ./Google\ Chrome\ Dev --enable-features=FledgePermitCrossOriginTrustedSignals --args --disable-features=EnforcePrivacySandboxAttestations

If you open dev tools and re-load this page, you will notice:

In the network tab the call to buyer KV does contain the coalesced IG keys.
In the Application --> Interest Group section, the owner of the IGs is pst-dsp, but the trusted bidding signals URL is pst-ssp.

So what this would seem to show is that the cors based tbsURL works as expected (provided we add the appropriate Access-Control-Allow-Origin header in buyer kv response).

The JS code registering the IGs and running the auction is here. As of initial writing the KV call (code here) is logging this:

                
/igs/cases/cross-origin-tbs/buyer-kv?hostname=www.privacy-sandbox-testing-one.com&keys=c%3Da,c%3Db,c%3Dd&interestGroupNames=ig-a,ig-b,ig-c