Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unexpected getObject() results since 3.1.3 #72

Open
Brayyy opened this issue Dec 20, 2024 · 0 comments
Open

Unexpected getObject() results since 3.1.3 #72

Brayyy opened this issue Dec 20, 2024 · 0 comments

Comments

@Brayyy
Copy link

Brayyy commented Dec 20, 2024

Senario:

  • We use this NPM package in a back-end Node.js service
  • We are not responsible for generating the GPP string, only processing it
  • We have no ability to force the end-user to use a specific version of the package when generating the GPP string

I'm working on updating our back-end service to use the latest version (3.1.5), but I'm finding unexpected results since 3.1.3.

My implementation is very basic:

// Setup...
// CmpApi is not designed to work with NodeJs. mock the window object
global.window = {};
global.window.__gpp = () => null;
const cmpApi = new CmpApi(1, 3);

// Usage per request...
cmpApi.setGppString(gppStr);
const gppObj = cmpApi.getObject();

Here three randomly chosen GPP strings, and the results of getObject() for versions 3.1.1 through 3.1.5:

String: DBABrw~BVQqAAAACgA.QA~BUoAAAKA.QA
Version: 3.1.1 {"usnatv1":{"Version":1,"SharingNotice":1,"SaleOptOutNotice":1,"SharingOptOutNotice":1,"TargetedAdvertisingOptOutNotice":1,"SensitiveDataProcessingOptOutNotice":0,"SensitiveDataLimitUseNotice":0,"SaleOptOut":2,"SharingOptOut":2,"TargetedAdvertisingOptOut":2,"SensitiveDataProcessing":[0,0,0,0,0,0,0,0,0,0,0,0],"KnownChildSensitiveDataConsents":[0,0],"PersonalDataConsents":2,"MspaCoveredTransaction":2,"MspaOptOutOptionMode":0,"MspaServiceProviderMode":0,"GpcSegmentType":1,"Gpc":false},"uscav1":{"Version":1,"SaleOptOutNotice":1,"SharingOptOutNotice":1,"SensitiveDataLimitUseNotice":0,"SaleOptOut":2,"SharingOptOut":2,"SensitiveDataProcessing":[0,0,0,0,0,0,0,0,0],"KnownChildSensitiveDataConsents":[0,0],"PersonalDataConsents":2,"MspaCoveredTransaction":2,"MspaOptOutOptionMode":0,"MspaServiceProviderMode":0,"GpcSegmentType":1,"Gpc":false}}
Version: 3.1.2 {"usnat":{"Version":1,"SharingNotice":1,"SaleOptOutNotice":1,"SharingOptOutNotice":1,"TargetedAdvertisingOptOutNotice":1,"SensitiveDataProcessingOptOutNotice":0,"SensitiveDataLimitUseNotice":0,"SaleOptOut":2,"SharingOptOut":2,"TargetedAdvertisingOptOut":2,"SensitiveDataProcessing":[0,0,0,0,0,0,0,0,0,0,0,0],"KnownChildSensitiveDataConsents":[0,0],"PersonalDataConsents":2,"MspaCoveredTransaction":2,"MspaOptOutOptionMode":0,"MspaServiceProviderMode":0,"GpcSegmentType":1,"Gpc":false},"usca":{"Version":1,"SaleOptOutNotice":1,"SharingOptOutNotice":1,"SensitiveDataLimitUseNotice":0,"SaleOptOut":2,"SharingOptOut":2,"SensitiveDataProcessing":[0,0,0,0,0,0,0,0,0],"KnownChildSensitiveDataConsents":[0,0],"PersonalDataConsents":2,"MspaCoveredTransaction":2,"MspaOptOutOptionMode":0,"MspaServiceProviderMode":0,"GpcSegmentType":1,"Gpc":false}}
Version: 3.1.3 {"usnat":[{"Version":1,"SharingNotice":0,"SaleOptOutNotice":0,"SharingOptOutNotice":0,"TargetedAdvertisingOptOutNotice":0,"SensitiveDataProcessingOptOutNotice":0,"SensitiveDataLimitUseNotice":0,"SaleOptOut":0,"SharingOptOut":0,"TargetedAdvertisingOptOut":0,"SensitiveDataProcessing":[0,0,0,0,0,0,0,0,0,0,0,0],"KnownChildSensitiveDataConsents":[0,0],"PersonalDataConsents":0,"MspaCoveredTransaction":1,"MspaOptOutOptionMode":0,"MspaServiceProviderMode":0},{"GpcSegmentType":1,"Gpc":false}],"usca":[{"Version":1,"SaleOptOutNotice":0,"SharingOptOutNotice":0,"SensitiveDataLimitUseNotice":0,"SaleOptOut":0,"SharingOptOut":0,"SensitiveDataProcessing":[0,0,0,0,0,0,0,0,0],"KnownChildSensitiveDataConsents":[0,0],"PersonalDataConsents":0,"MspaCoveredTransaction":1,"MspaOptOutOptionMode":0,"MspaServiceProviderMode":0},{"GpcSegmentType":1,"Gpc":false}]}
Version: 3.1.4 {"usnat":{"Version":1,"SharingNotice":0,"SaleOptOutNotice":0,"SharingOptOutNotice":0,"TargetedAdvertisingOptOutNotice":0,"SensitiveDataProcessingOptOutNotice":0,"SensitiveDataLimitUseNotice":0,"SaleOptOut":0,"SharingOptOut":0,"TargetedAdvertisingOptOut":0,"SensitiveDataProcessing":[0,0,0,0,0,0,0,0,0,0,0,0],"KnownChildSensitiveDataConsents":[0,0],"PersonalDataConsents":0,"MspaCoveredTransaction":1,"MspaOptOutOptionMode":0,"MspaServiceProviderMode":0,"GpcSegmentType":1,"Gpc":false},"usca":{"Version":1,"SaleOptOutNotice":0,"SharingOptOutNotice":0,"SensitiveDataLimitUseNotice":0,"SaleOptOut":0,"SharingOptOut":0,"SensitiveDataProcessing":[0,0,0,0,0,0,0,0,0],"KnownChildSensitiveDataConsents":[0,0],"PersonalDataConsents":0,"MspaCoveredTransaction":1,"MspaOptOutOptionMode":0,"MspaServiceProviderMode":0,"GpcSegmentType":1,"Gpc":false}}
Version: 3.1.5 {"usnat":{"Version":1,"SharingNotice":0,"SaleOptOutNotice":0,"SharingOptOutNotice":0,"TargetedAdvertisingOptOutNotice":0,"SensitiveDataProcessingOptOutNotice":0,"SensitiveDataLimitUseNotice":0,"SaleOptOut":0,"SharingOptOut":0,"TargetedAdvertisingOptOut":0,"SensitiveDataProcessing":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"KnownChildSensitiveDataConsents":[0,0,0],"PersonalDataConsents":0,"MspaCoveredTransaction":1,"MspaOptOutOptionMode":0,"MspaServiceProviderMode":0,"GpcSegmentType":1,"Gpc":false},"usca":{"Version":1,"SaleOptOutNotice":0,"SharingOptOutNotice":0,"SensitiveDataLimitUseNotice":0,"SaleOptOut":0,"SharingOptOut":0,"SensitiveDataProcessing":[0,0,0,0,0,0,0,0,0],"KnownChildSensitiveDataConsents":[0,0],"PersonalDataConsents":0,"MspaCoveredTransaction":1,"MspaOptOutOptionMode":0,"MspaServiceProviderMode":0,"GpcSegmentType":1,"Gpc":false}}

String: DBABL~BVVKqqqqgg
Version: 3.1.1 {"usnatv1":{"Version":1,"SharingNotice":1,"SaleOptOutNotice":1,"SharingOptOutNotice":1,"TargetedAdvertisingOptOutNotice":1,"SensitiveDataProcessingOptOutNotice":1,"SensitiveDataLimitUseNotice":1,"SaleOptOut":0,"SharingOptOut":2,"TargetedAdvertisingOptOut":2,"SensitiveDataProcessing":[2,2,2,2,2,2,2,2,2,2,2,2],"KnownChildSensitiveDataConsents":[2,0],"PersonalDataConsents":0,"MspaCoveredTransaction":2,"MspaOptOutOptionMode":0,"MspaServiceProviderMode":0,"GpcSegmentType":1,"Gpc":false}}
Version: 3.1.2 {"usnat":{"Version":1,"SharingNotice":1,"SaleOptOutNotice":1,"SharingOptOutNotice":1,"TargetedAdvertisingOptOutNotice":1,"SensitiveDataProcessingOptOutNotice":1,"SensitiveDataLimitUseNotice":1,"SaleOptOut":0,"SharingOptOut":2,"TargetedAdvertisingOptOut":2,"SensitiveDataProcessing":[2,2,2,2,2,2,2,2,2,2,2,2],"KnownChildSensitiveDataConsents":[2,0],"PersonalDataConsents":0,"MspaCoveredTransaction":2,"MspaOptOutOptionMode":0,"MspaServiceProviderMode":0,"GpcSegmentType":1,"Gpc":false}}
Version: 3.1.3 {"usnat":[{"Version":1,"SharingNotice":0,"SaleOptOutNotice":0,"SharingOptOutNotice":0,"TargetedAdvertisingOptOutNotice":0,"SensitiveDataProcessingOptOutNotice":0,"SensitiveDataLimitUseNotice":0,"SaleOptOut":0,"SharingOptOut":0,"TargetedAdvertisingOptOut":0,"SensitiveDataProcessing":[0,0,0,0,0,0,0,0,0,0,0,0],"KnownChildSensitiveDataConsents":[0,0],"PersonalDataConsents":0,"MspaCoveredTransaction":1,"MspaOptOutOptionMode":0,"MspaServiceProviderMode":0},{"GpcSegmentType":1,"Gpc":false}]}
Version: 3.1.4 {"usnat":{"Version":1,"SharingNotice":0,"SaleOptOutNotice":0,"SharingOptOutNotice":0,"TargetedAdvertisingOptOutNotice":0,"SensitiveDataProcessingOptOutNotice":0,"SensitiveDataLimitUseNotice":0,"SaleOptOut":0,"SharingOptOut":0,"TargetedAdvertisingOptOut":0,"SensitiveDataProcessing":[0,0,0,0,0,0,0,0,0,0,0,0],"KnownChildSensitiveDataConsents":[0,0],"PersonalDataConsents":0,"MspaCoveredTransaction":1,"MspaOptOutOptionMode":0,"MspaServiceProviderMode":0,"GpcSegmentType":1,"Gpc":false}}
Version: 3.1.5 {"usnat":{"Version":1,"SharingNotice":0,"SaleOptOutNotice":0,"SharingOptOutNotice":0,"TargetedAdvertisingOptOutNotice":0,"SensitiveDataProcessingOptOutNotice":0,"SensitiveDataLimitUseNotice":0,"SaleOptOut":0,"SharingOptOut":0,"TargetedAdvertisingOptOut":0,"SensitiveDataProcessing":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"KnownChildSensitiveDataConsents":[0,0,0],"PersonalDataConsents":0,"MspaCoveredTransaction":1,"MspaOptOutOptionMode":0,"MspaServiceProviderMode":0,"GpcSegmentType":1,"Gpc":false}}

String: DBABBg~BUUAAAFY.YA
Version: 3.1.1 {"uscav1":{"Version":1,"SaleOptOutNotice":1,"SharingOptOutNotice":1,"SensitiveDataLimitUseNotice":0,"SaleOptOut":1,"SharingOptOut":1,"SensitiveDataProcessing":[0,0,0,0,0,0,0,0,0],"KnownChildSensitiveDataConsents":[0,0],"PersonalDataConsents":1,"MspaCoveredTransaction":1,"MspaOptOutOptionMode":1,"MspaServiceProviderMode":2,"GpcSegmentType":1,"Gpc":true}}
Version: 3.1.2 {"usca":{"Version":1,"SaleOptOutNotice":1,"SharingOptOutNotice":1,"SensitiveDataLimitUseNotice":0,"SaleOptOut":1,"SharingOptOut":1,"SensitiveDataProcessing":[0,0,0,0,0,0,0,0,0],"KnownChildSensitiveDataConsents":[0,0],"PersonalDataConsents":1,"MspaCoveredTransaction":1,"MspaOptOutOptionMode":1,"MspaServiceProviderMode":2,"GpcSegmentType":1,"Gpc":true}}
Version: 3.1.3 {"usca":[{"Version":1,"SaleOptOutNotice":0,"SharingOptOutNotice":0,"SensitiveDataLimitUseNotice":0,"SaleOptOut":0,"SharingOptOut":0,"SensitiveDataProcessing":[0,0,0,0,0,0,0,0,0],"KnownChildSensitiveDataConsents":[0,0],"PersonalDataConsents":0,"MspaCoveredTransaction":1,"MspaOptOutOptionMode":0,"MspaServiceProviderMode":0},{"GpcSegmentType":1,"Gpc":false}]}
Version: 3.1.4 {"usca":{"Version":1,"SaleOptOutNotice":0,"SharingOptOutNotice":0,"SensitiveDataLimitUseNotice":0,"SaleOptOut":0,"SharingOptOut":0,"SensitiveDataProcessing":[0,0,0,0,0,0,0,0,0],"KnownChildSensitiveDataConsents":[0,0],"PersonalDataConsents":0,"MspaCoveredTransaction":1,"MspaOptOutOptionMode":0,"MspaServiceProviderMode":0,"GpcSegmentType":1,"Gpc":false}}
Version: 3.1.5 {"usca":{"Version":1,"SaleOptOutNotice":0,"SharingOptOutNotice":0,"SensitiveDataLimitUseNotice":0,"SaleOptOut":0,"SharingOptOut":0,"SensitiveDataProcessing":[0,0,0,0,0,0,0,0,0],"KnownChildSensitiveDataConsents":[0,0],"PersonalDataConsents":0,"MspaCoveredTransaction":1,"MspaOptOutOptionMode":0,"MspaServiceProviderMode":0,"GpcSegmentType":1,"Gpc":false}}

The user has clearly has the SaleOptOut/SharingOptOut/KnownChildSensitiveDataConsents set non-zero, but later package versions are returning a negative indicator for these keys. I can pass these strings into https://iabgpp.com and https://www.gppdecoder.com, and they return as expected.

Is there something I'm missing here? I found a lot of bumpy/breaking updates in the last few patch versions.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@Brayyy