Validate native inputs #353
Conversation
| "11": json.RawMessage(validRequest(t, "app.json")), | ||
| "12": json.RawMessage(validRequest(t, "timeout.json")), | ||
| "100": json.RawMessage("5"), | ||
| "101": json.RawMessage("5"), |
There was a problem hiding this comment.
Ok, that was a bug in the original AMP tests, should have been testing all the invalid requests. Not terribly important though, since this shares code with openrtb, and the invalid requests should be handled there anyway. I had failed to advance the index in invalidRequests[] on each line.
There was a problem hiding this comment.
ah... I see. Yeah, I didn't pay much attention to the semantics of these tests, but I'll clean them up here so that they make sense again.
| if err := validateNativeAsset(assets[i], impIndex, i); err != nil { | ||
| return err | ||
| } | ||
| assets[i].ID = int64(i) |
There was a problem hiding this comment.
From the spec: "Typically a counter for the array." This enforces that it will be a counter. I don't know of any use cases for ID being anything else, so its probably good. But potentially will break something that stretches the spec here.
Oh, I see below that we are changing the spec that we don't want anyone else filling asset IDs. So any breaking changes should not be a surprise, but still could potentially block some funky implementation.
There was a problem hiding this comment.
yeah... to be honest I'm not 100% sure how to handle this. I saw the following:
Unique asset ID, assigned by exchange.
Since Prebid is the exchange, in this context, I don't think we're breaking the spec here. We just decided that the "typical" implementation is the one we'll be using.
I decided to return 4xx on IDs sent by the Publisher just to prevent all sorts of nasty logic/confusion. As a general rule, we never overwrite anything which the Publisher gives us. So if we allowed IDs, then we'd have to make sure that the ones we added weren't duplicates, which gets... messy.
Decided to just reject those requests to keep things simple.
There was a problem hiding this comment.
I am fine with that then.
endpoints/openrtb2/auction.go
Outdated
| } | ||
|
|
||
| func validateNativeAssetData(data *nativeRequests.Data, impIndex int, assetIndex int) error { | ||
| if data.Type < 1 || data.Type > 11 { |
There was a problem hiding this comment.
Good catch! haha 12 was on a separate page in the spec, so I must have missed it.
|
been way longer than 5 days, so... merging. |
* Upgraded the openrtb library to 9.2.0. * Moved invalid request payloads into their own directory. * Added a bad native request. * Added lots of invalid native bid payloads, to make tests fail. * Moved some files around. Implemented all the logic to make the tests pass. * Moved valid requests into directories. * Deleted some duplicate files. Added some new ones to beef up code coverage. * Removed some unnecessary code. * Added an issue number to the TODO statement. * Fixed the range on data asset types. * Fixed the amp auction tests, which were buggy before. * Moved tests from other PR into their own .json files. * Deleted duplicate directory... not sure how that got added.
* Upgraded the openrtb library to 9.2.0. * Moved invalid request payloads into their own directory. * Added a bad native request. * Added lots of invalid native bid payloads, to make tests fail. * Moved some files around. Implemented all the logic to make the tests pass. * Moved valid requests into directories. * Deleted some duplicate files. Added some new ones to beef up code coverage. * Removed some unnecessary code. * Added an issue number to the TODO statement. * Fixed the range on data asset types. * Fixed the amp auction tests, which were buggy before. * Moved tests from other PR into their own .json files. * Deleted duplicate directory... not sure how that got added.
Co-authored-by: Qili Chen <[email protected]@Qilis-MacBook-Pro.local>
This fixes most of #218, and some of #295.
OpenRTB Native v1.2 support was added in mxmCherry/openrtb#20, but the 10.0.0 release of that library included some other breaking changes... so in the interest of moving this along, I'll save those changes for another PR.
Most of these changes are just refactoring so that my native test payloads don't add contribute to the tech debt of #295. I pulled many of the existing test payloads out into their own
*.jsonfiles.