Update non-IAB compliant CMP example (#792)

* Update example for non-IAB CMP: * Inject __cmpLocator iframe * Add mandatory ping functino * Stringify JSON if required * Add support for IE8 and below * Wrap into anonymous self-executing function * Coding standards. * Coding standards * hasGlobalScope mandatory response. * hasGlobalScope update Publisher-specific CMP should have false value.
prebid · Jun 6, 2018 · 9fe5642 · 9fe5642
1 parent 883b3fb
commit 9fe5642
Showing 1 changed file with 67 additions and 29 deletions.
diff --git a/dev-docs/modules/consentManagement.md b/dev-docs/modules/consentManagement.md
@@ -201,49 +201,87 @@ At a high level this looks like:
 Below is sample code for implementing the stub functions. Sample code for formatting the consent string may be obtained [here](https://github.com/appnexus/cmp).
 
 {% highlight js %}
-window.__cmp = function(command, version, callback) {
-    var iabConsentData;  // build the IAB consent string
-    var gdprApplies;     // true if gdpr Applies to the user, else false
-    var responseCode;    // false if there was an error, else true
-    if (command === 'getConsentData') {
-        callback({consentData: iabConsentData, gdprApplies: gdprApplies}, responseCode);
-    } else if (command === 'getVendorConsents') {
-        callback({metadata: iabConsentData, gdprApplies: gdprApplies}, responseCode);
-    } else {
-        callback(undefined, false);
+var iabConsentData;  // build the IAB consent string
+var gdprApplies;     // true if gdpr Applies to the user, else false
+var hasGlobalScope;  // true if consent data was retrieved globally
+var responseCode;    // false if there was an error, else true
+var cmpLoaded;       // true if iabConsentData was loaded and processed
+(function(window, document) {
+    function addFrame() {
+        if (window.frames['__cmpLocator'])
+            return;
+        if ( document.body ) {
+            var body = document.body,
+                iframe = document.createElement('iframe');
+            iframe.name = '__cmpLocator';
+            iframe.style.display = 'none';
+            body.appendChild(iframe);
+        } else {
+            setTimeout(addFrame, 5);
+        }
+    }
+    addFrame();
+    function cmpMsgHandler(event) {
+        try {
+            var json = event.data;
+            var msgIsString = typeof json === "string";
+            if ( msgIsString ) {
+                json = JSON.parse(json);
+            }
+            var call = json.__cmpCall;
+            if (call) {
+                window.__cmp(call.command, call.parameter, function(retValue, success) {
+                    var returnMsg = {
+                        __cmpReturn: {
+                            returnValue: retValue, success: success, callId: call.callId
+                        }
+                    };
+                    event.source.postMessage(msgIsString ? JSON.stringify(returnMsg) : returnMsg, '*');
+                });
+            }
+        } catch (e) {}  // do nothing
     }
-};
-
-// for framed scenarios
-window.addEventListener('message', function(event) {
-    try {
-        var call = event.data.__cmpCall;
-        if (call) {
-            window.__cmp(call.command, call.parameter, function(retValue, success) {
-                var returnMsg = {
-                    __cmpReturn: {
-                        returnValue: retValue, success: success, callId: call.callId
-                    }
-                };
-                event.source.postMessage(returnMsg, '*');
-            });
+    function cmpFunc = function(command, version, callback) {
+        if (command === 'ping') {
+            callback({gdprAppliesGlobally: gdprApplies, cmpLoaded: cmpLoaded}, responseCode);
+        } else if (command === 'getConsentData') {
+            callback({consentData: iabConsentData, gdprApplies: gdprApplies, hasGlobalScope: hasGlobalScope}, responseCode);
+        } else if (command === 'getVendorConsents') {
+            callback({metadata: iabConsentData, gdprApplies: gdprApplies, hasGlobalScope: hasGlobalScope}, responseCode);
+        } else {
+            callback(undefined, false);
         }
-    } catch (e) {} // do nothing
-});
+    };
+    if ( typeof (__cmp) !== 'function' ) {
+        window.__cmp = cmpFunc;
+        window.__cmp.msgHandler = cmpMsgHandler;
+        if ( window.addEventListener ) {
+            window.addEventListener('message', cmpMsgHandler, false);
+        } else {
+            window.attachEvent('onmessage', cmpMsgHandler);
+        }
+    }
+})(window, document);
 {% endhighlight %}
 
 ### Explanation of Parameters
 **iabConsentData**
-For how to generate the IAB consent string see the [IAB CMP 1.1 Spec](https://github.com/InteractiveAdvertisingBureau/GDPR-Transparency-and-Consent-Framework).
+For how to generate the IAB consent string see the [IAB CMP 1.1 Spec](https://github.com/InteractiveAdvertisingBureau/GDPR-Transparency-and-Consent-Framework) and [IAB Consent String SDK](https://github.com/InteractiveAdvertisingBureau/GDPR-Transparency-and-Consent-Framework/tree/master/Consent%20String%20SDK).
 
 **gdprApplies**
 How to generate the gdprApplies field:
 - True if the current user is in the European Economic Area (EEA) OR if the publisher wants to have all traffic considered in-scope for GDPR
 - False if it's known that the user is outside the EEA
 - Leave the attribute unspecified if user's location is unknown
 
+**hasGlobalScope**
+This should be set as true if consent data was retrieved from global "euconsent" cookie, or was it publisher-specific. For general purpose, set this to false.
+
 **responseCode**
-This should be false if there was some error in the consent data, true otherwise.  False is the same as calling the callback with no parameters.
+This should be false if there was some error in the consent data, true otherwise. False is the same as calling the callback with no parameters.
+
+**cmpLoaded**
+This should be be set to true once parameters above are processed.
 
 ## List of GDPR compliant Adapters