-
Notifications
You must be signed in to change notification settings - Fork 225
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Spec] Handle Ad-Auction-Result response header. #1280
base: main
Are you sure you want to change the base?
Conversation
@brusshamilton Want to review it? |
spec.bs
Outdated
1. If |adAuctionResult| contains [=code points=] U+002B (`+`) or U+002F (`/`), return failure. | ||
1. Replace every U+2212 (`-`) [=code point=] in |adAuctionResult| with U+002B (`+`). | ||
1. Replace every U+005F(`_`) [=code point=] in |adAuctionResult| with U+002F (`/`). | ||
1. Let |paddingSize| be <code>|adAuctionResult|'s [=string/length=] % 4</code>. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Forgiving base64 decode doesn't require a specific number of =
at the end. It's optional.
Also, the math here doesn't seem right. You want to ensure the final length is a multiple of 4. That means you actually want 2 when the remainder is 2, but 1 when the remainder is 3 (and a remainder of 1 should never happen). So something like (4-(len%4))%4, or equivalently, 4*ceil(len/4.0)-len. Better to just remove this part since it's not necessary.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
it requires no more than 2 =
. But yeah this is not necessary. Removed, and moved this algorithm's steps inlined to the caller
@@ -2886,7 +2894,7 @@ a [=list=] of [=interest groups=] |bidIgs|, and a [=list=] of [=bid debug report | |||
: [=leading bid info/top level seller signals=] | |||
:: Null | |||
: [=leading bid info/component seller=] | |||
:: Null if |topLevelAuctionConfig| is null, otherwise |auctionConfig|'s [=auction config/seller=]. | |||
:: Null if |topLevelAuctionConfig| is not null, otherwise |auctionConfig|'s [=auction config/seller=]. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@brusshamilton I think this was a mistake in an earlier PR. Do you agree?
Parses Ad-Auction-Result response header, and verifies a Fetch request to the seller’s origin with "adAuctionHeaders: true" that included an Ad-Auction-Result header with hash of auction config's response_blob (need to do this for component auction config as well, when B&A component auction spec PR is landed).
Preview | Diff