Welcome
Here we see a cookie addict desperately trying to retrieve the cookies some birds have stolen from him
- iSac + ChatGPT, 2024.
Overview
This is the home page for Privacy Sandbox Testing we're working on. For now this just links to any tests. We'll try to add links to resources and such directly here, although many of them are in the tests themselves.
For questions contact Isaac.
- Indicates a test that indicates a good outcome.
- Indicates a test that indicates a good outcome in some cases.
- Indicates a test that indicates a failure outcome.
- Indicates a test with no normative outcome.
Interest Groups and Private Auctions
Operations
- Debugging Config Based Issues: Do we have some kind of console logging for configu based issues like priorityVector calcs and IG inclusion.
Data Passing Patterns
- CDN Based Creative Loading: Can we use a CDN to load two bootstrap scripts and load the target creative in an iframe with all relevant contextual and creative info.
- Post Message Timing: What is the reliability and latency of postMessage.
- Passing Opaque URN Around: Can we pass an opaque URN from the frame it was created to another frame.
- Opaque URN and Fetch: Can we pass an opaque URN in a fetch.
- Opaque URN and Forms: Can we pass an opaque URN in a Form.
- Opaque URN and XMLHttpRequest: Can we pass an opaque URN in a XMLHttpRequest.
- Referer Passing to Rendering Fenced Frame: Under what referer policies will the browser send the referer along with the renderUrl request when using a Fenced Frame.
- Referer Passing to Rendering IFrame with Opaque URN: Under what referer policies will the browser send the referer along with the renderUrl request when using the IFrame with Opaque URN.
- Combining Auction and Creative Info in Rendering Frame: Can we combine auction time and creative indicated info when rendering in an opaque iframe.
- Usage of deprecatedReplaceInURN folkadjlfkajsdlfr Macros in Query Params: Basic usage testing of deprecatedReplaceInURN to replace macros in the query params.
- Usage of deprecatedReplaceInURN for Macros in Query Params: Basic usage testing of deprecatedReplaceInURN to replace macros in the query params.
- Usage of deprecatedReplaceInURN for domain macros: Can we use deprecatedReplaceInURN to replace parts of the domain, i.e. www.%%macro%%.com/.
- Usage of deprecatedReplaceInURN for Macros in path macros: Can we use deprecatedReplaceInURN to replace parts of the path, i.e. www.pst-dsp.com/%%macro%%/....
- Usage of deprecatedReplaceInURN for subdomain macros: Can we use deprecatedReplaceInURN to replace parts of a subdomain, i.e. %%macro%%.pst-dsp.com/.
Domain/Situation Specific Demos
- KV Generation with Specific Types and Characters in Keys: Want to get some specific input-output tests.
- Generate Bid Call in Case of No KV Signal: What happens when an IG has TBS Keys but gets no data back, in particular does it bid.
Auction and IG Configuration
- Filtering Using Priority Vector and 'Types': Can we effectively have an 'IG Type' that we filter on for auctions.
Origin Issues
- Can we register an IG with localhost as the origin: localhost or 127.0.0.1 as origin
- Usage of New Cross Site TBS URL: Testing out the request pattern of IGs with identical origin/tbsURL, but origin and tbsURL are not the same origin..
Performance
- Join Timing: Get statistics on IG join timing.
- Auction Timing: Get statistics on Auction running with various parameters.
IG Updates
- Redirects for updateUrl: Will Redirects on Calls to the Update URL Be Followed
- Patch vs Put Behavior of IG Second Join in New Join Origin: Verify that fields are PUT rather than PATCH on re-join (not update url) even with re-join in different join origin.
- Patch vs Put Behavior of IG Second Join: Verify that fields are PUT rather than PATCH on re-join (not update url)
- Patch vs Put Behavior of IG Updates: Verify that fields are over-written when indicated, but other fields are not touched
- IG Update Timeouts: Is there any timeout on updateUrl
Permissions
- Auction Configs with Mixed Origins: Verifying Chromes rejection of an auctionConfig with mixed origins.
- IG Joining: Static Files CDN Loading: Verifying Chrome's rejection of an IG join with dynamic origins going to www.pst-one.com, but static files going to any CDN based subdomain.
- Bad Delegation File: How does Chrome handle a bad delegation file?
- Delegation file missing CORS Header: How does Chrome handle a delegation file that is otherwise good but is missing its CORS response header?
- IG Attributes with Mixed Origins: Verifying Chromes rejection of an IG with mixed origins.
- IG Joining from Unapproved Context, Same Domain: Verifying Chromes rejection of an IG Join given other subdomains are approved.
- Same Origin Static File Redirect: Can we point to a same origin endpoint for a file but then redirect to same domain but different subdomain (say a cdn).
Limits
- IGs Per Site (not origin): Can a single domain have more than 2K IGs spread out across multiple subdomains.
- IGs Per Origin: Verifying how joinAdInterestGroup behaves past the limit of IGs per (browser, origin)
Zero Auth Approximations
Identity
Conversions
- Post Click Conversions on Private Auction Wins: Can we get event level and immediate results to join a pixel drop to a impression, post click on a private auction win.
- Post View Conversions on Contextual Auction Wins: Can we get event level and immediate results to join a pixel drop to a impression, post view on a contextual auction win.
- Post View Conversions on Private Auction Wins: Can we get event level and immediate results to join a pixel drop to a impression, post view on a private auction win.
Onboarding
- Data Onboarding for Previously Authenticated Users: Can we onboard data into a bucket for a previously authenticated user, with the data from a separate context, w/o sharing their identity in either direction
Interoperability
CHIP Syncer
- CHIP Syncing: Demoing the idea of 'local chip syncing' to enable KV based interop.
Private Aggregation
Basic Walkthrough
- PA and Auctions: Initial test of PA in auction functions.
Shared Storage
Budget
- Budget Deductions w/o Interaction: Does the budget deduction occur w/o user interaction.
Limits
- selectURL Render URL Limits: Are we limited to 8 renderURLs.
PST Site Info
Privacy
- PST Sites privacy policy.: Please don't enter any personal data; all data is local or in db that is often wiped.
Privacy
Fake Login
Explainers
How This Site Works
- Origins, Domains, and Subdomains: Explains how this set of sites uses origins, domains, and subdomains.
Interest Groups
WASM
- Hello WASM Bidding Functions and Strings: Basic demonstration of WASM being used in generateBid with strings.
- Hello WASM Bidding Functions and Strings 3: Basic demonstration of WASM being used in generateBid with strings 3
- Hello WASM Bidding Functions and Strings 4: Basic demonstration of WASM being used in generateBid with strings 4
- Hello WASM Bidding Functions: Basic demonstration of WASM being used in generateBid.
- WASM Bidding with multiple files and some real params: Basic demonstration of WASM being used in generateBid.
- Hello WASM Bidding with ORTBish Stuff: Next steps for wasm bidding
AN Testing
PA KV
- Generate requests to IB-KV: Create 1+ IGs with name/keys as you like and have them sent to the IBKV endpoint of your choosing.
PST Site Information
Documentation
- Glossary: Terms used on this site.
Vanilla Demos
Basic Bidding and Auction
- Cross Site ID and Data Usage in Private Auction: Visit multiple sites, generate information unique to that site, and bid with it.