Core: validate bid response mediaType against ad unit mediaTypes#14468
Core: validate bid response mediaType against ad unit mediaTypes#14468anastasiiapankivFS wants to merge 2 commits intoprebid:masterfrom
Conversation
Reject bid responses whose mediaType does not match any of the ad unit's declared mediaTypes. This prevents mismatched bids (e.g. a video bid for a banner-only ad unit) from entering the auction. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 838e30cd96
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
| if (bid.mediaType) { | ||
| const mediaTypes = index.getMediaTypes(bid); | ||
| if (mediaTypes && Object.keys(mediaTypes).length > 0) { | ||
| if (!mediaTypes.hasOwnProperty(bid.mediaType)) { |
There was a problem hiding this comment.
This validation runs on prebidBid objects built via createBid(), which pre-populates mediaType as 'banner', so the if (bid.mediaType) guard is effectively always true in the adapter pipeline. As a result, adapters that legitimately omit mediaType in interpretResponse (for example modules/slimcutBidAdapter.js, which supports video but does not set mediaType) will now have video-only ad unit bids rejected here as banner mismatches, even though the new behavior is intended to skip validation when mediaType is unset.
Useful? React with 👍 / 👎.
There was a problem hiding this comment.
Codex couldn't complete this request. Try again later.
|
do we consider this a breaking change? I agree we should do this, but it is possible there are pubs handling and monetizing somehow on this. Should we put it in a default off flag for now and remove option in Prebid 11? Also regarding IBV (faking banner but is video) this does not stop that, is there a plan to have something similar regarding mis-matching Sorry I was unable to attend the PMC |
|
@robertrmartinez Regarding IBV, there was a change to bidResponseFilter that should addresses this. #14071 |
|
#14071 intended to allow a publisher to turn off declared ibv responses on banner This is about turning off video mediatypes (not ibv, but literal video responses) as responses on banner only units bc they simply won't render. That being said, the 11 branch is open and if you think this breaks anyone we can target the pr at it to be safe |
|
@antoine-ga I can almost guarantee there is an integration out there where some bidder is responding with bidResponse.mediaType = video in a banner only prebid ad unit, and the pub has setup their adserver / on page code to handle it and render it accordingly. And this would "break" that. Now I really do not care if we merge with default on / off but just wanted to make sure we acknowledge! |
|
Should we make media type enforcement configurable with default set to false, so we do not introduce breaking changes? |
let's just make the PR on the 11 branch to be safe instead since it's open and no need for config. Can you clean up failing tests and see the bot comment? |
|
@anastasiiapankivFS i had codex prepare this pr on the 11 branch in the linked pr |
4 participants
Type of change
Description of change
Reject bid responses whose
mediaTypedoes not match any of the ad unit's declaredmediaTypes. This prevents mismatched bids (e.g. a video bid for a banner-only ad unit) from entering the auction.#14459