diff --git a/spec.bs b/spec.bs
index a5ba144f5..0cf9370e5 100644
--- a/spec.bs
+++ b/spec.bs
@@ -58,7 +58,8 @@ spec: RFC8941; urlPrefix: https://httpwg.org/specs/rfc8941.html
for: structured header
text: boolean; url: boolean
text: integer; url: integer
- text: boolean; url: boolean
+ text: list; url: list
+ text: string; url: string
spec: WebAssembly; urlPrefix: https://webassembly.github.io/spec/core/
type: dfn
urlPrefix: appendix/embedding.html
@@ -303,21 +304,17 @@ This is detectable because it can change the set of fields that are read from th
| "{{GenerateBidInterestGroup/updateURL}}" |
[=interest group/update url=] |
-
- | "{{GenerateBidInterestGroup/trustedBiddingSignalsURL}}" |
- [=interest group/trusted bidding signals url=] |
-
1. If |group| [=map/contains=] |groupMember|:
- 1. Let |parsedUrl| be the result of running the [=URL parser=] on |group|[|groupMember|].
- 1. [=exception/Throw=] a {{TypeError}} if any of the following conditions hold:
- * |parsedUrl| is failure;
- * |parsedUrl| is not [=same origin=] with |interestGroup|'s [=interest group/owner=];
- * |parsedUrl| [=includes credentials=];
- * |parsedUrl| [=url/fragment=] is not null.
+ 1. Let |parsedUrl| be the result of running [=parse and verify a bidding code or update URL=]
+ on |group|[|groupMember|] and |interestGroup|'s [=interest group/owner=].
+ 1. If |parsedUrl| is failure, then [=exception/throw=] a {{TypeError}}.
1. Set |interestGroup|'s |interestGroupField| to |parsedUrl|.
- 1. If |interestGroup|'s [=interest group/trusted bidding signals url=]'s [=url/query=] is not
- null, then [=exception/throw=] a {{TypeError}}.
+ 1. If |group|["{{GenerateBidInterestGroup/trustedBiddingSignalsURL}}"] [=map/exists=]:
+ 1. Let |parsedUrl| be the result of running [=parse and verify a trusted signals URL=] on
+ |group|[{{GenerateBidInterestGroup/trustedBiddingSignalsURL}}].
+ 1. If |parsedUrl| is failure, then [=exception/throw=] a {{TypeError}}.
+ 1. Set |interestGroup|'s [=interest group/trusted bidding signals url=] to |parsedUrl|.
1. If |group|["{{GenerateBidInterestGroup/trustedBiddingSignalsKeys}}"] [=map/exists=], then set
|interestGroup|'s [=interest group/trusted bidding signals keys=] to
|group|["{{GenerateBidInterestGroup/trustedBiddingSignalsKeys}}"].
@@ -1061,11 +1058,9 @@ To validate and convert auction ad config given an {{AuctionAdConfig}
[=auction config/seller=], then return failure.
1. Set |auctionConfig|'s [=auction config/decision logic url=] to |decisionLogicURL|.
1. If |config|["{{AuctionAdConfig/trustedScoringSignalsURL}}"] [=map/exists=]:
- 1. Let |trustedScoringSignalsURL| be the result of running the [=URL parser=] on
+ 1. Let |trustedScoringSignalsURL| be the result of [=parse and verify a trusted signals URL=] on
|config|["{{AuctionAdConfig/trustedScoringSignalsURL}}"].
- 1. If |trustedScoringSignalsURL| is failure, or it is not [=same origin=] with |auctionConfig|'s
- [=auction config/seller=], then return failure.
- 1. [=Assert=]: |trustedScoringSignalsURL|'s [=url/scheme=] is "`https`".
+ 1. If |trustedScoringSignalsURL| is failure, return failure.
1. Set |auctionConfig|'s [=auction config/trusted scoring signals url=] to
|trustedScoringSignalsURL|.
1. If |config|["{{AuctionAdConfig/maxTrustedScoringSignalsURLLength}}"] [=map/exists=]:
@@ -1463,7 +1458,8 @@ To check if required seller capabilities are permitted given an [=auc
-To generate potentially multiple bids given an [=ordered map=]-or-null |allTrustedBiddingSignals|,
+To generate potentially multiple bids given an [=ordered map=]-or-null
+|allTrustedBiddingSignals|, and an [=origin=]-or-null |crossOriginTrustedBiddingSignalsOrigin|,
a [=string=] |auctionSignals|, a {{BiddingBrowserSignals}} |browserSignals|, a [=string=]-or-null |perBuyerSignals|,
a {{DirectFromSellerSignalsForBuyer}} |directFromSellerSignalsForBuyer|, a [=duration=]
|perBuyerTimeout| in milliseconds, a [=currency tag=] |expectedCurrency|, an {{unsigned short}}
@@ -1490,8 +1486,8 @@ a {{DirectFromSellerSignalsForBuyer}} |directFromSellerSignalsForBuyer|, a [=dur
1. [=map/Set=] |prevWinIDL|["{{PreviousWin/adJSON}}"] to |prevWin|'s [=previous win/ad json=].
1. [=list/Append=] |prevWinIDL| to |prevWins|.
1. [=map/Set=] |browserSignals|["{{BiddingBrowserSignals/prevWinsMs}}"] to |prevWins|.
- 1. Let |biddingScript| be the result of [=fetching script=] with |ig|'s
- [=interest group/bidding url=].
+ 1. Let « |biddingScript|, ignored » be the result of [=fetching script=] with
+ |ig|'s [=interest group/bidding url=].
1. If |biddingScript| is failure, return failure.
1. If |ig|'s [=interest group/bidding wasm helper url=] is not null:
1. Let |wasmModuleObject| be the result of [=fetching WebAssembly=] with |ig|'s
@@ -1506,9 +1502,21 @@ a {{DirectFromSellerSignalsForBuyer}} |directFromSellerSignalsForBuyer|, a [=dur
1. [=list/For each=] |key| of |ig|'s [=interest group/trusted bidding signals keys=]:
1. If |allTrustedBiddingSignals|[|key|] [=map/exists=], then [=map/set=]
|trustedBiddingSignals|[|key|] to |allTrustedBiddingSignals|[|key|].
+ 1. Let |sameOriginTrustedBiddingSignals| be null.
+ 1. Let |crossOriginTrustedBiddingSignals| be null.
+ 1. If |trustedBiddingSignals| is not null:
+ 1. If |crossOriginTrustedBiddingSignalsOrigin| is null, then set
+ |sameOriginTrustedBiddingSignals| to |trustedBiddingSignals|.
+ 1. Otherwise:
+ 1. Set |crossOriginTrustedBiddingSignals| to a new [=ordered map=] whose [=map/keys=] are
+ [=strings=] and whose [=map/values=] are {{any}}.
+ 1. Let |originKey| be the [=serialization of an origin|serialization=] of
+ |crossOriginTrustedBiddingSignalsOrigin|.
+ 1. [=map/Set=] |crossOriginTrustedBiddingSignalsOrigin|[|originKey|] to |trustedBiddingSignals|.
1. Return the result of [=evaluating a bidding script=] with |biddingScript|, |multiBidLimit|, |ig|, |expectedCurrency|,
- |igGenerateBid|, |auctionSignals|, |perBuyerSignals|, |trustedBiddingSignals|, |browserSignals|,
- |directFromSellerSignalsForBuyer|, and |perBuyerTimeout|.
+ |igGenerateBid|, |auctionSignals|, |perBuyerSignals|, |sameOriginTrustedBiddingSignals|,
+ |crossOriginTrustedBiddingSignals|, |browserSignals|, |directFromSellerSignalsForBuyer|.
+ and |perBuyerTimeout|.
@@ -1519,8 +1527,8 @@ To generate and score bids given an [=auction config=] |auctionConfig
|bidDebugReportInfoList|:
1. [=Assert=] that these steps are running [=in parallel=].
1. Let |auctionStartTime| be the [=current wall time=].
-1. Let |decisionLogicScript| be the result of [=fetching script=] with |auctionConfig|'s
- [=auction config/decision logic url=].
+1. Let « |decisionLogicScript|, |allowCrossOriginTrustedScoringSignalsFrom| » be the result of
+ [=fetching script=] with |auctionConfig|'s [=auction config/decision logic url=].
1. If |decisionLogicScript| is failure, return null.
1. Let |seller| be |auctionConfig|'s [=auction config/seller=].
1. Let « |bidGenerators|, |negativeTargetInfo| » be the result of running
@@ -1552,12 +1560,12 @@ To generate and score bids given an [=auction config=] |auctionConfig
1. If |compWinnerInfo|'s [=leading bid info/leading bid=] is not null, then run
[=score and rank a bid=] with |auctionConfig|, |compWinnerInfo|'s
[=leading bid info/leading bid=], |leadingBidInfo|, |decisionLogicScript|,
- null, "top-level-auction", null, and |topLevelOrigin|.
+ |allowCrossOriginTrustedScoringSignalsFrom|, null, "top-level-auction", null, and |topLevelOrigin|.
1. If |compWinnerInfo|'s [=leading bid info/leading non-k-anon-enforced bid=]
is not null, then run [=score and rank a bid=] with |auctionConfig|,
|compWinnerInfo|'s [=leading bid info/leading non-k-anon-enforced bid=],
- |leadingBidInfo|, |decisionLogicScript|, null, "top-level-auction", null,
- and |topLevelOrigin|.
+ |leadingBidInfo|, |decisionLogicScript|, |allowCrossOriginTrustedScoringSignalsFrom|, null,
+ "top-level-auction", null, and |topLevelOrigin|.
1. Decrement |pendingComponentAuctions| by 1.
1. Wait until |pendingComponentAuctions| is 0.
1. If |leadingBidInfo|'s [=leading bid info/leading bid=] is null, return null.
@@ -1623,8 +1631,8 @@ To generate and score bids given an [=auction config=] |auctionConfig
1. Let |pendingAdditionalBids| be the [=list/size=] of |additionalBids|.
1. [=list/For each=] |additionalBid| of |additionalBids|, run the following steps [=in parallel=]:
1. [=Score and rank a bid=] with |auctionConfig|, |additionalBid|, |leadingBidInfo|,
- |decisionLogicScript|, null, |auctionLevel|, |componentAuctionExpectedCurrency|, and
- |topLevelOrigin|.
+ |decisionLogicScript|, |allowCrossOriginTrustedScoringSignalsFrom|, null, |auctionLevel|,
+ |componentAuctionExpectedCurrency|, and |topLevelOrigin|.
1. Decrement |pendingAdditionalBids| by 1.
1. Let |settings| be |global|'s [=relevant settings object=].
1. [=map/For each=] |buyer| → |perBuyerGenerator| of |bidGenerators|,
@@ -1673,6 +1681,9 @@ To generate and score bids given an [=auction config=] |auctionConfig
to the result of running [=is debugging only in cooldown or lockout=] with |buyer|.
1. [=map/For each=] |slotSizeQueryParam| → |perSlotSizeQueryParam| of |perBuyerGenerator|:
1. [=map/For each=] |signalsUrl| → |perSignalsUrlGenerator| of |perSlotSizeQueryParam|:
+ 1. Let |crossOriginTrustedBiddingSignalsOrigin| be null.
+ 1. If |buyer| is not [=same origin=] with |signalsUrl|'s [=url/origin=], then set
+ |crossOriginTrustedBiddingSignalsOrigin| to |signalsUrl|'s [=url/origin=].
1. Let |trustedBiddingSignalsBatcher| be a new [=trusted bidding signals batcher=].
1. Let |fetchSignalStartTime| be |settings|'s [=environment settings object/current monotonic time=].
1. [=map/For each=] joiningOrigin → |groups| of |perSignalsUrlGenerator|:
@@ -1680,7 +1691,7 @@ To generate and score bids given an [=auction config=] |auctionConfig
1. [=Batch or fetch trusted bidding signals=] given |trustedBiddingSignalsBatcher|,
|ig|, |signalsUrl|, |buyerExperimentGroupId|, |topLevelOrigin|, and |slotSizeQueryParam|.
1. [=Fetch the current outstanding trusted signals batch=] given |trustedBiddingSignalsBatcher|,
- |signalsUrl|, |buyerExperimentGroupId|, |topLevelOrigin|, and |slotSizeQueryParam|.
+ |signalsUrl|, |buyer|, |buyerExperimentGroupId|, |topLevelOrigin|, and |slotSizeQueryParam|.
1. [=Process updateIfOlderThanMs=] with |buyer|, and |trustedBiddingSignalsBatcher|'s
[=trusted bidding signals batcher/all per interest group data=].
1. Let |fetchSignalDuration| be the [=duration from=] |fetchSignalStartTime| to |settings|'s
@@ -1705,11 +1716,17 @@ To generate and score bids given an [=auction config=] |auctionConfig
1. Set |dataVersion| to |trustedBiddingSignalsBatcher|'s [=trusted bidding signals batcher/data versions=]
[|ig|'s [=interest group/name=]].
1. Set |allTrustedBiddingSignals| to [=trusted bidding signals batcher/all trusted bidding signals=].
- 1. If |dataVersion| is not null, then [=map/set=] |browserSignals|["{{BiddingBrowserSignals/dataVersion}}"] to |dataVersion|.
- 1. Otherwise, [=map/remove=] |browserSignals|["{{BiddingBrowserSignals/dataVersion}}"].
+ 1. [=map/Remove=] |browserSignals|["{{BiddingBrowserSignals/dataVersion}}"].
+ 1. [=map/Remove=] |browserSignals|["{{BiddingBrowserSignals/crossOriginDataVersion}}"].
+ 1. If |dataVersion| is not null:
+ 1. If |crossOriginTrustedBiddingSignalsOrigin| is not null, then [=map/set=]
+ |browserSignals|["{{BiddingBrowserSignals/crossOriginDataVersion}}"] to |dataVersion|.
+ 1. Otherwise, [=map/set=] |browserSignals|["{{BiddingBrowserSignals/dataVersion}}"] to
+ |dataVersion|.
1. Let « |bidsBatch|, |bidDebugReportInfo| » be the result of [=generate potentially multiple bids=] given
- |allTrustedBiddingSignals|, |auctionSignals|, a [=map/clone=] of |browserSignals|,
- |perBuyerSignals|, |directFromSellerSignalsForBuyer|, |perBuyerTimeout|,
+ |allTrustedBiddingSignals|, |crossOriginTrustedBiddingSignalsOrigin|, |auctionSignals|,
+ a [=map/clone=] of |browserSignals|, |perBuyerSignals|,
+ |directFromSellerSignalsForBuyer|, |perBuyerTimeout|,
|expectedCurrency|, |multiBidLimit|, |ig|, and |auctionStartTime|.
1. Let |generateBidDuration| be the [=duration from=] |generateBidStartTime| to |settings|'s
[=environment settings object/current monotonic time=], in milliseconds.
@@ -1748,7 +1765,8 @@ To generate and score bids given an [=auction config=] |auctionConfig
1. Let |generateBidStartTime| be |settings|'s
[=environment settings object/current monotonic time=].
1. Set « |generatedBids|, |bidDebugReportInfo| » to the result of [=generate potentially multiple bids=] given
- |allTrustedBiddingSignals|, |auctionSignals|, a [=map/clone=] of |browserSignals|,
+ |allTrustedBiddingSignals|, |crossOriginTrustedBiddingSignalsOrigin|, |auctionSignals|,
+ a [=map/clone=] of |browserSignals|,
|perBuyerSignals|, |directFromSellerSignalsForBuyer|, |perBuyerTimeout|, |expectedCurrency|,
1 (for multiBidLimit), |ig|, and |auctionStartTime|.
@@ -1771,7 +1789,8 @@ To generate and score bids given an [=auction config=] |auctionConfig
1. If |bidToScore|'s [=generated bid/for k-anon auction=] is true,
[=list/append=] |bidToScore|'s [=generated bid/interest group=] to |bidIgs|.
1. [=Score and rank a bid=] with |auctionConfig|, |bidToScore|, |leadingBidInfo|,
- |decisionLogicScript|, |directFromSellerSignalsForSeller|, |dataVersion|, |auctionLevel|,
+ |decisionLogicScript|, |allowCrossOriginTrustedScoringSignalsFrom|,
+ |directFromSellerSignalsForSeller|, |dataVersion|, |auctionLevel|,
|componentAuctionExpectedCurrency|, and |topLevelOrigin|.
1. Decrement |pendingBuyers| by 1.
1. Wait until both |pendingBuyers| and |pendingAdditionalBids| are 0.
@@ -1856,55 +1875,96 @@ To convert to an AuctionAd sequence given a [=list=]-or-null |ads|:
-To
score and rank a bid given an [=auction config=] |auctionConfig|, a [=generated bid=]
-|generatedBid|, a [=bid debug reporting info=] |bidDebugReportInfo|, a [=leading bid info=] |leadingBidInfo|, a [=string=] |decisionLogicScript|, a
-{{DirectFromSellerSignalsForSeller}} |directFromSellerSignalsForSeller|, an {{unsigned long}}-or-null
-|biddingDataVersion|, an enum |auctionLevel|, which is "single-level-auction", "top-level-auction",
-or "component-auction", a [=currency tag=] |componentAuctionExpectedCurrency|, and an [=origin=]
-|topLevelOrigin|:
-
+To
fetch and decode trusted scoring signals given an [=auction config=] |auctionConfig|,
+a [=generated bid=] |generatedBid|, a [=list=] of [=origins=]
+|allowCrossOriginTrustedScoringSignalsFrom|, and an [=origin=] |topLevelOrigin|:
+
+1. Let |crossOriginTrustedScoringSignalsOrigin| be null.
+1. Let |sameOriginTrustedScoringSignals| be null.
+1. Let |crossOriginTrustedScoringSignals| be null.
+1. Let |scoringDataVersion| be null.
1. Let |renderURL| be [=URL serializer|serialized=] |generatedBid|'s
[=generated bid/ad descriptor=]'s [=ad descriptor/url=].
1. Let |adComponentRenderURLs| be a new empty [=list=].
1. If |generatedBid|'s [=generated bid/ad component descriptors=] is not null:
- 1. [=list/For each=] |adComponentDescriptor| in |generatedBid|'s
- [=generated bid/ad component descriptors=]:
+ 1. [=list/For each=] |adComponentDescriptor| in |generatedBid|'s [=generated bid/ad component
+ descriptors=]:
1. [=list/Append=] [=URL serializer|serialized=] |adComponentDescriptor|'s [=ad descriptor/url=]
to |adComponentRenderURLs|.
-1. Let |fullSignalsUrl| be the result of [=building trusted scoring signals url=] with |auctionConfig|'s
- [=auction config/trusted scoring signals url=], «|renderURL|», |adComponentRenderURLs|,
- |auctionConfig|'s [=auction config/seller experiment group id=], and |topLevelOrigin|.
-
- Implementations may batch requests by collecting render URLs and ad component render URLs
- from multiple invocations of [=score and rank a bid=] and passing them all to a single invocation
- of [=building trusted scoring signals url=] to get a |scoringSignalsUrl|. By employing this approach,
- the [=string/length=] of [=URL serializer|serialized=] |scoringSignalsUrl| must not exceed the
-
- [=auction config/max trusted scoring signals url length=] of the auction. In cases where the length
- limit is exceeded, the request must be divided into smaller pieces to comply with the length restriction.
- However, note that a single request is always considered valid, regardless of whether its length exceeds
- the auction's [=auction config/max trusted scoring signals url length=].
-
-
- The network response has to be parsed to pull out the pieces relevant to each
- [=evaluating a scoring script|evaluation of a scoring script=].
-1. Let |trustedScoringSignals| be null.
-1. Let «|allTrustedScoringSignals|, ignored, |scoringDataVersion|» be the result of [=fetching
- trusted signals=] with |fullSignalsUrl| and false.
-1. If |allTrustedScoringSignals| is an [=ordered map=]:
- 1. Set |trustedScoringSignals| to a new empty [=map=].
- 1. [=map/Set=] |trustedScoringSignals|["`renderURL`"] to a new empty [=map=].
- 1. If |allTrustedScoringSignals|["`renderURLs`"] [=map/exists=] and
- |allTrustedScoringSignals|["`renderURLs`"][|renderURL|] [=map/exists=], then [=map/set=] |trustedScoringSignals|["`renderURL`"][|renderURL|] to
- |allTrustedScoringSignals|["`renderURLs`"][|renderURL|].
- 1. If |adComponentRenderURLs| is not [=list/empty=]:
- 1. Let |adComponentRenderURLsValue| be a new empty [=map=].
- 1. If |allTrustedScoringSignals|["`adComponentRenderURLs`"] [=map/exists=], [=set/for each=]
- |adComponentRenderURL| in |adComponentRenderURLs|:
- 1. If |allTrustedScoringSignals|["`adComponentRenderURLs`"][|adComponentRenderURL|]
- [=map/exists=], then [=map/set=] |adComponentRenderURLsValue|[|adComponentRenderURL|] to
- |allTrustedScoringSignals|["`adComponentRenderURLs`"][|adComponentRenderURL|].
- 1. [=map/Set=] |trustedScoringSignals|["`adComponentRenderURLs`"] to |adComponentRenderURLsValue|.
+1. Let |fullSignalsUrl| be null.
+1. If |auctionConfig|'s [=auction config/trusted scoring signals url=] is not null:
+ 1. Set |fullSignalsUrl| be the result of [=building trusted scoring signals url=] with |auctionConfig|'s
+ [=auction config/trusted scoring signals url=], «|renderURL|», |adComponentRenderURLs|,
+ |auctionConfig|'s [=auction config/seller experiment group id=], and |topLevelOrigin|.
+
+ Implementations may batch
trusted scoring signals
+ requests with same [=auction config/trusted scoring signals url=], |auctionConfig|'s
+ [=auction config/seller experiment group id=], and |topLevelOrigin| by collecting render URLs
+ and ad component render URLs from multiple invocations of [=score and rank a bid=] and passing
+ them all to a single invocation of [=building trusted scoring signals url=] to get a
+ |scoringSignalsUrl|. Requests may not be combined if the resulting combination's
+ [=string/length=] of [=URL serializer|serialized=] |scoringSignalsUrl| exceeds the [=auction
+ config/max trusted scoring signals url length=] of the auction; however this limit does not
+ apply if no combining has taken place.
+
+ The network response has to be parsed to pull out the pieces relevant to each
+ [=evaluating a scoring script|evaluation of a scoring script=].
+
+ These requests may also begin before the script fetch, but requests cross-origin to the
+ script origin must not happen until [:Ad-Auction-Allow-Trusted-Scoring-Signals-From:] header on
+ the script is received, parsed, and determined to authorize such a fetch.
+ 1. If |fullSignalsUrl|'s [=url/origin=] is not [=same origin=] with |auctionConfig|'s
+ [=auction config/seller=], then:
+ 1. Set |crossOriginTrustedScoringSignalsOrigin| to |fullSignalsUrl|'s [=url/origin=].
+ 1. If |allowCrossOriginTrustedScoringSignalsFrom| does not [=list/contain=]
+ |crossOriginTrustedScoringSignalsOrigin|:
+ 1. Set |crossOriginTrustedScoringSignalsOrigin| to null.
+ 1. Set |fullSignalsUrl| to null.
+1. If |fullSignalsUrl| is not null:
+ 1. Let |allTrustedScoringSignals| be null.
+ 1.
Set «|allTrustedScoringSignals|,
+
ignored, |scoringDataVersion|» to the result of [=fetching trusted signals=]
+ with |fullSignalsUrl|, |auctionConfig|'s [=auction config/seller=], and false.
+ 1. If |allTrustedScoringSignals| is an [=ordered map=]:
+ 1. Let |trustedScoringSignals| be a new empty [=map=].
+ 1. [=map/Set=] |trustedScoringSignals|["`renderURL`"] to a new empty [=map=].
+ 1. If |allTrustedScoringSignals|["`renderURLs`"] [=map/exists=] and
+ |allTrustedScoringSignals|["`renderURLs`"][|renderURL|] [=map/exists=], then [=map/set=]
+ |trustedScoringSignals|["`renderURL`"][|renderURL|] to
+ |allTrustedScoringSignals|["`renderURLs`"][|renderURL|].
+ 1. If |adComponentRenderURLs| is not [=list/empty=]:
+ 1. Let |adComponentRenderURLsValue| be a new empty [=map=].
+ 1. If |allTrustedScoringSignals|["`adComponentRenderURLs`"] [=map/exists=], [=set/for each=]
+ |adComponentRenderURL| in |adComponentRenderURLs|:
+ 1. If |allTrustedScoringSignals|["`adComponentRenderURLs`"][|adComponentRenderURL|]
+ [=map/exists=], then [=map/set=] |adComponentRenderURLsValue|[|adComponentRenderURL|] to
+ |allTrustedScoringSignals|["`adComponentRenderURLs`"][|adComponentRenderURL|].
+ 1. [=map/Set=] |trustedScoringSignals|["`adComponentRenderURLs`"] to |adComponentRenderURLsValue|.
+ 1. If |crossOriginTrustedScoringSignalsOrigin| is null, set |sameOriginTrustedScoringSignals|
+ to |trustedScoringSignals|.
+ 1. Otherwise:
+ 1. Set |crossOriginTrustedScoringSignals| to a new [=map=].
+ 1. Let |originKey| be the [=serialization of an origin|serialization=] given
+ |crossOriginTrustedScoringSignalsOrigin|.
+ 1. [=map/Set=] |crossOriginTrustedScoringSignals|[|originKey|] to |trustedScoringSignals|.
+1. Return «|crossOriginTrustedScoringSignalsOrigin|, |sameOriginTrustedScoringSignals|,
+ |crossOriginTrustedScoringSignals|, |scoringDataVersion|»
+
+
+To score and rank a bid given an [=auction config=] |auctionConfig|, a [=generated bid=]
+|generatedBid|, a [=bid debug reporting info=] |bidDebugReportInfo|, a [=leading bid info=] |leadingBidInfo|,
+a [=string=] |decisionLogicScript|, a [=list=] or [=origins=] |allowCrossOriginTrustedScoringSignalsFrom|,
+a {{DirectFromSellerSignalsForSeller}} |directFromSellerSignalsForSeller|, an {{unsigned long}}-or-null
+|biddingDataVersion|, an enum |auctionLevel|, which is "single-level-auction", "top-level-auction",
+or "component-auction", a [=currency tag=] |componentAuctionExpectedCurrency|, and an [=origin=]
+|topLevelOrigin|:
+
+1. Let «|crossOriginTrustedScoringSignalsOrigin|, |sameOriginTrustedScoringSignals|,
+ |crossOriginTrustedScoringSignals|, |scoringDataVersion|» be the result of [=fetch and
+ decode trusted scoring signals=] given |auctionConfig|, |generatedBid|,
+ |allowCrossOriginTrustedScoringSignalsFrom|, |topLevelOrigin|.
1. Let |adMetadata| be |generatedBid|'s [=generated bid/ad=].
1. Let |bidValue| be |generatedBid|'s [=generated bid/bid=].
1. If |generatedBid|'s [=generated bid/modified bid=] is not null, then set |bidValue| to
@@ -1929,7 +1989,11 @@ or "component-auction", a [=currency tag=] |componentAuctionExpectedCurrency|, a
The result of [=serializing a currency tag=] with |generatedBid|'s [=generated bid/bid=]'s
[=bid with currency/currency=]
{{ScoringBrowserSignals/dataVersion}}
- |scoringDataVersion| if it is not null, {{undefined}} otherwise
+ |scoringDataVersion| if it is not null and |crossOriginTrustedScoringSignalsOrigin| is null,
+ unset otherwise.
+ {{ScoringBrowserSignals/crossOriginDataVersion}}
+ |scoringDataVersion| if it is not null and |crossOriginTrustedScoringSignalsOrigin| is not
+ null, unset otherwise.
{{ScoringBrowserSignals/adComponents}}
|generatedBid|'s [=generated bid/ad component descriptors=] [=converted to a string sequence=]
{{ScoringBrowserSignals/forDebuggingOnlyInCooldownOrLockout}}
@@ -1939,8 +2003,8 @@ or "component-auction", a [=currency tag=] |componentAuctionExpectedCurrency|, a
1. Let « |scoreAdResult|, |debugWinReportUrl|, |debugLossReportUrl| » be the result of
[=evaluating a scoring script=] with |decisionLogicScript|, |adMetadata|,
|bidValue|'s [=bid with currency/value=], |auctionConfig|'s [=auction config/config idl=],
- |trustedScoringSignals|, |browserSignals|, |directFromSellerSignalsForSeller|, and
- |auctionConfig|'s [=auction config/seller timeout=].
+ |sameOriginTrustedScoringSignals|, |crossOriginTrustedScoringSignals|, |browserSignals|,
+ |directFromSellerSignalsForSeller|, and |auctionConfig|'s [=auction config/seller timeout=].
1. If |auctionLevel| is "top-level-auction":
1. Set |bidDebugReportInfo|'s [=bid debug reporting info/top level seller debug loss report url=] to
|debugLossReportUrl|.
@@ -2116,6 +2180,24 @@ To validate fetching response given a [=response=] |response|, null,
1. Return true.
+The Ad-Auction-Allow-Trusted-Scoring-Signals-From HTTP response header is a
+[=structured header=] whose value must be a [=structured header/list=] of [=structured header/strings=].
+
+
+To parse allowed trusted scoring signals origins given a [=header list=] |headerList|:
+
+ 1. Let |parsedHeader| be the result of [=header list/getting a structured field value=]
+ given [:Ad-Auction-Allow-Trusted-Scoring-Signals-From:] and "`list`" from |headerList|.
+ 1. If |parsedHeader| is null, return an empty [=list=].
+ 1. Let |result| be a new [=list=] of [=origins=].
+ 1. [=list/For each=] |entry| in |parsedHeader|:
+ 1. If |entry| is not a [=string=], return an empty [=list=].
+ 1. Let |parsedEntry| be the result of [=parsing an https origin=] on |entry|.
+ 1. If |parsedEntry| is failure, return an empty [=list=].
+ 1. [=list/Append=] |parsedEntry| to |result|.
+ 1. Return |result|.
+
+
To
fetch script given a [=URL=] |url|:
1. Let |request| be a new [=request=] with the following properties:
@@ -2140,14 +2222,30 @@ To
fetch script given a [=URL=] |url|:
Issue: Stop using "`no-cors`" mode where possible
(
WICG/turtledove#667).
1. Let |script| be null.
- 1. [=Fetch=] |request| with [=fetch/useParallelQueue=] set to true, and
- [=fetch/processResponseConsumeBody=] set to the following steps given a [=response=] |response|
- and null, failure, or a [=byte sequence=] |responseBody|:
- 1. If [=validate fetching response=] with |response|, |responseBody| and "`text/javascript`"
- returns false, set |script| to failure and return.
- 1. Set |script| to |responseBody|.
+ 1. Let |allowCrossOriginTrustedScoringSignalsFrom| be an empty [=list=].
+ 1. Let |fetchController| be the result of [=fetching=] |request| with [=fetch/useParallelQueue=]
+ set to true, and [=fetch/processResponse=] set to the following steps given
+ a [=response=] |response|:
+ 1. If the result of [=validating fetching response headers=] given |response| is false:
+ 1. [=fetch controller/Abort=] |fetchController|.
+ 1. Set |script| to failure.
+ 1. Return.
+ 1. Set |allowCrossOriginTrustedScoringSignalsFrom| to the result of [=parsing allowed trusted
+ scoring signals origins=] given |response|'s [=response/header list=].
+ 1. Let |bodyStream| be |response|’s [=response/body=]’s [=body/stream=].
+ 1. Let |bodyReader| be result of [=ReadableStream/getting a reader=] from |bodyStream|.
+ 1. Let |successSteps| be a set of steps that take a [=byte sequence=] |responseBody|, and
+ perform the following:
+ 1. If [=validate fetching response mime and body=] with |response|, |responseBody| and
+ "`text/javascript`" returns false, set |script| to failure.
+ 1. Otherwise, set |script| to |responseBody|.
+ 1. Let |failureSteps| be a set of steps that take an [=exception=]
e, and
+ perform the following:
+ 1. Set |script| to failure.
+ 1. [=ReadableStreamDefaultReader/Read all bytes=] from |bodyReader|, given |successSteps|
+ and |failureSteps|.
1. Wait for |script| to be set.
- 1. Return |script|.
+ 1. Return « |script|, |allowCrossOriginTrustedScoringSignalsFrom| ».
@@ -2192,17 +2290,20 @@ The
X-fledge-bidding-signals-format-version
is a [=structured header=] whose value must be an [=structured header/integer=].
-To
fetch trusted signals given a [=URL=] |url|, and a [=boolean=] |isBiddingSignal|:
+To
fetch trusted signals given a [=URL=] |url|, an [=origin=] |scriptOrigin|,
+and a [=boolean=] |isBiddingSignal|:
1. Let |request| be a new [=request=] with the following properties:
: [=request/URL=]
:: |url|
+ : [=request/origin=]
+ :: |scriptOrigin|
: [=request/header list=]
:: «`Accept`: `application/json`»
: [=request/client=]
:: `null`
: [=request/mode=]
- :: "`no-cors`"
+ :: "`cors`"
: [=request/referrer=]
:: "`no-referrer`"
: [=request/credentials mode=]
@@ -2213,8 +2314,6 @@ To
fetch trusted signals given a [=URL=] |url|, and a [=boolean=] |is
Issue: One of the side-effects of a `null` client for this subresource request is it neuters all
service worker interceptions, despite not having to set the service workers mode.
- Issue: Stop using "`no-cors`" mode where possible
- (
WICG/turtledove#667).
1. Let |signals| be null.
1. Let |dataVersion| be null.
1. Let |formatVersion| be null.
@@ -2522,8 +2621,8 @@ To
report result given a [=leading bid info=] |leadingBidInfo|, a
given |winner|'s [=generated bid/interest group=] and |igAd| is true, then [=map/set=]
|browserSignals|["{{ReportingBrowserSignals/buyerAndSellerReportingId}}"] to |igAd|'s
[=interest group ad/buyer and seller reporting ID=].
- 1. Let |sellerReportingScript| be the result of [=fetching script=] with |config|'s
- [=auction config/decision logic url=].
+ 1. Let « |sellerReportingScript|,
ignored » be the result of [=fetching script=]
+ with |config|'s [=auction config/decision logic url=].
1. Let « |sellerSignals|, |reportUrl|, |reportingBeaconMap|, ignored » be the result of
[=evaluating a reporting script=] with |sellerReportingScript|, "`reportResult`", |config|'s
[=auction config/config idl=]'s {{AuctionAdConfig/reportingTimeout}}, and
@@ -2591,8 +2690,8 @@ a {{ReportingBrowserSignals}} |browserSignals|, and a [=direct from seller signa
|igAd|'s [=interest group ad/buyer reporting ID=].
1. Otherwise, [=map/Set=] |reportWinBrowserSignals|["{{ReportWinBrowserSignals/interestGroupName}}"]
to |winner|'s [=generated bid/interest group=] [=interest group/name=].
- 1. Let |buyerReportingScript| be the result of [=fetching script=] with |winner|'s
- [=generated bid/interest group=]'s [=interest group/bidding url=].
+ 1. Let « |buyerReportingScript|,
ignored » be the result of [=fetching script=]
+ with |winner|'s [=generated bid/interest group=]'s [=interest group/bidding url=].
1. Let |reportFunctionName| be "`reportWin`".
1. If |winner|'s [=generated bid/provided as additional bid=] is true:
1. Set |reportFunctionName| be "`reportAdditionalBidWin`".
@@ -3434,9 +3533,9 @@ of the following global objects:
|multiBidLimit|, an [=interest group=] |ig|, a [=currency tag=] |expectedCurrency|,
a {{GenerateBidInterestGroup}} |igGenerateBid|, a [=string=]-or-null
|auctionSignals|, a [=string=]-or-null |perBuyerSignals|, an [=ordered map=]-or-null
- |trustedBiddingSignals|, a {{BiddingBrowserSignals}} |browserSignals|,
- a {{DirectFromSellerSignalsForBuyer}} |directFromSellerSignalsForBuyer| and an integer millisecond
- [=duration=] |timeout|:
+ |sameOriginTrustedBiddingSignals|, an [=ordered map=]-or-null |crossOriginTrustedBiddingSignals|,
+ a {{BiddingBrowserSignals}} |browserSignals|, a {{DirectFromSellerSignalsForBuyer}}
+ |directFromSellerSignalsForBuyer|, and an integer millisecond [=duration=] |timeout|:
1. Let |realm| be the result of [=creating a new script runner realm=] given
{{InterestGroupBiddingScriptRunnerGlobalScope}}.
@@ -3461,14 +3560,18 @@ of the following global objects:
|auctionSignals| if |auctionSignals| is not null, otherwise {{undefined}}.
1. Let |perBuyerSignalsJS| be the result of [=parsing a JSON string to a JavaScript value=]
given |perBuyerSignals| if |perBuyerSignals| is not null, otherwise {{undefined}}.
- 1. Let |trustedBiddingSignalsJS| be |trustedBiddingSignals| [=converted to ECMAScript values=].
+ 1. Let |sameOriginTrustedBiddingSignalsJS| be |sameOriginTrustedBiddingSignals|
+ [=converted to ECMAScript values=].
1. Let |browserSignalsJS| be |browserSignals| [=converted to ECMAScript values=].
- 1. Let |directFromSellerSignalsJs| be |directFromSellerSignalsForBuyer|
+ 1. Let |directFromSellerSignalsJS| be |directFromSellerSignalsForBuyer|
[=converted to ECMAScript values=].
+ 1. Let |crossOriginTrustedBiddingSignalsJS| be |crossOriginTrustedBiddingSignals|
+ [=converted to ECMAScript values=].
1. Let |startTime| be |settings|'s [=environment settings object/current monotonic time=].
1. Let |result| be the result of [=evaluating a script=] with |realm|, |script|, "`generateBid`",
- « |igJS|, |auctionSignalsJS|, |perBuyerSignalsJS|, |trustedBiddingSignalsJS|, |browserSignalsJS|,
- |directFromSellerSignalsJs| », and |timeout|.
+ « |igJS|, |auctionSignalsJS|, |perBuyerSignalsJS|, |sameOriginTrustedBiddingSignalsJS|,
+ |browserSignalsJS|, |directFromSellerSignalsJS|, |crossOriginTrustedBiddingSignalsJS| »,
+ and |timeout|.
1. Let |duration| be |settings|'s [=environment settings object/current monotonic time=] minus
|startTime| in milliseconds.
1. If |global|'s [=InterestGroupBiddingScriptRunnerGlobalScope/priority=] is not null and not failure:
@@ -3515,21 +3618,25 @@ of the following global objects:
To
evaluate a scoring script given a [=string=] |script|, a [=string=] |adMetadata|,
- a {{double}} |bidValue|, an {{AuctionAdConfig}} |auctionConfigIDL|, an [=ordered map=]
- |trustedScoringSignals|, a {{ScoringBrowserSignals}} |browserSignals|, a
- {{DirectFromSellerSignalsForSeller}} |directFromSellerSignalsForSeller|, and an integer
- millisecond [=duration=] |timeout|:
+ a {{double}} |bidValue|, an {{AuctionAdConfig}} |auctionConfigIDL|, an [=ordered map=]-or-null
+ |sameOriginTrustedScoringSignals|, an [=ordered map=]-or-null |crossOriginTrustedScoringSignals|,
+ {{ScoringBrowserSignals}} |browserSignals|, a {{DirectFromSellerSignalsForSeller}}
+ |directFromSellerSignalsForSeller|, and an integer millisecond [=duration=] |timeout|:
1. Let |realm| be the result of [=creating a new script runner realm=] given
{{InterestGroupScoringScriptRunnerGlobalScope}}.
1. Let |browserSignalsJS| be |browserSignals| [=converted to ECMAScript values=].
1. Let |auctionConfigJS| be |auctionConfigIDL| [=converted to ECMAScript values=].
- 1. Let |trustedScoringSignalsJS| be |trustedScoringSignals| [=converted to ECMAScript values=].
+ 1. Let |sameOriginTrustedScoringSignalsJS| be |sameOriginTrustedScoringSignals|
+ [=converted to ECMAScript values=].
+ 1. Let |crossOriginTrustedScoringSignalsJS| be |crossOriginTrustedScoringSignals|
+ [=converted to ECMAScript values=].
1. Let |directFromSellerSignalsJs| be |directFromSellerSignalsForSeller|
[=converted to ECMAScript values=].
1. Let |scoreAdResult| be the result of [=evaluating a script=] with |realm|, |script|, "`scoreAd`",
- «|adMetadata|, |bidValue|, |auctionConfigJS|, |trustedScoringSignalsJS|, |browserSignalsJS|,
- |directFromSellerSignalsJs|», and |timeout|.
+ «|adMetadata|, |bidValue|, |auctionConfigJS|, |sameOriginTrustedScoringSignalsJS|,
+ |browserSignalsJS|, |directFromSellerSignalsJs|, |crossOriginTrustedScoringSignalsJS|»,
+ and |timeout|.
1. Let |debugWinReportUrl| be |global|'s
[=InterestGroupBiddingAndScoringScriptRunnerGlobalScope/debug win report url=] if it's not
failure, null otherwise.
@@ -4202,9 +4309,8 @@ navigating to another page. Some implementations, such as Chromium, have chosen
"`biddingLogicURL`"
"`biddingWasmHelperURL`"
"`updateURL`"
- "`trustedBiddingSignalsURL`"
- 1. For each |groupMember| and |interestGroupField| in the following table
+ 1. For each |groupMember| and |interestGroupField|, in the following table
| Group member | Interest group field |
|---|
@@ -4219,21 +4325,22 @@ navigating to another page. Some implementations, such as Chromium, have chosen
| "`updateURL`" |
[=interest group/update url=] |
-
- | "`trustedBiddingSignalsURL`" |
- [=interest group/trusted bidding signals url=] |
-
- 1. Let |parsedURL| be the result of running the [=URL parser=] on |value|.
1. If |key| is not |groupMember|, [=iteration/continue=].
- 1. Jump to the step labeled Abort update
- if any of the following conditions hold:
- * |parsedURL| is failure;
- * |parsedURL|'s [=url/origin=] is not [=same origin=] with |ig|'s
- [=interest group/owner=];
- * |parsedURL| [=includes credentials=];
- * |parsedURL| [=url/fragment=] is not null.
- 1. Set |ig|'s |interestGroupField| to |parsedURL|.
+ 1. If |value| is a [=string=]:
+ 1. Let |parsedURL| be the result of [=parse and verify a bidding code or update URL=]
+ on |value| and |ig|'s [=interest group/owner=].
+ 1. If |parsedURL| is failure, jump to the step labeled
+ Abort update
+ 1. Set |ig|'s |interestGroupField| to |parsedURL|.
+
+ "`trustedBiddingSignalsURL`"
+
+ 1. If |value| is a [=string=]:
+ 1. Let |parsedURL| be the result of [=parse and verify a trusted signals URL=] on |value|.
+ 1. If |parsedURL| is failure, jump to the step labeled
+ Abort update
+ 1. Set |ig|'s [=interest group/trusted bidding signals url=] to |parsedURL|.
"`trustedBiddingSignalsKeys`"
@@ -4379,8 +4486,11 @@ The queryFeatureSupport(feature) method
:: 40
: "deprecatedRenderURLReplacements"
:: true
+ : "permitCrossOriginTrustedSignals"
+ :: true
: "reportingTimeout"
:: true
+1. If |feature| is "*", then return |featuresTable|.
1. If |featuresTable|[|feature|] [=map/exists=], then return |featuresTable|[|feature|].
1. Return `undefined`.
@@ -4465,6 +4575,33 @@ The estimated size of an [=interest group=] |ig|
1. Return the [=URL serializer|serialization=] of |url|.
+
+ To parse and verify a bidding code or update URL given a [=string=] |input| and an
+ [=origin=] |igOwner|:
+
+ 1. Let |parsedUrl| be the result of running the [=URL parser=] on |input|.
+ 1. Return failure if any of the following conditions hold:
+ * |parsedUrl| is failure;
+ * |parsedUrl|'s [=url/origin=] is not [=same origin=] with |igOwner|;
+ * |parsedUrl| [=includes credentials=];
+ * |parsedUrl|'s [=url/fragment=] is not null.
+ 1. [=Assert=]: |parsedUrl|'s [=url/scheme=] is "`https`".
+ 1. Return |parsedUrl|.
+
+
+
+ To parse and verify a trusted signals URL given a [=string=] |input|:
+
+ 1. Let |parsedUrl| be the result of running the [=URL parser=] on |input|.
+ 1. Return failure if any of the following conditions hold:
+ * |parsedUrl| is failure;
+ * |parsedUrl|'s [=url/scheme=] is not "`https`";
+ * |parsedUrl| [=includes credentials=];
+ * |parsedUrl|'s [=url/fragment=] is not null;
+ * |parsedUrl|'s [=url/query=] is not null.
+ 1. Return |parsedUrl|.
+
+
To
round a value given a {{double}} |value|:
@@ -4855,6 +4992,7 @@ dictionary BiddingBrowserSignals {
sequence
prevWinsMs;
object wasmHelper;
unsigned long dataVersion;
+ unsigned long crossOriginDataVersion;
boolean forDebuggingOnlyInCooldownOrLockout = false;
};
@@ -4867,6 +5005,7 @@ dictionary ScoringBrowserSignals {
record renderSize;
unsigned long dataVersion;
+ unsigned long crossOriginDataVersion;
sequence adComponents;
boolean forDebuggingOnlyInCooldownOrLockout = false;
};
@@ -5093,10 +5232,6 @@ An interest group is a [=struct=] with the following [=struct/items=]
: trusted bidding signals url
:: Null or a [=URL=]. Provide a mechanism for making real-time data available for use at bidding
time. See [=building trusted bidding signals url=].
-
- When non-null, the [=interest group/trusted bidding signals url=]'s [=origin=] will always be
- [=same origin=] with [=interest group/owner=].
-
: trusted bidding signals keys
:: Null or a [=list=] of [=strings=]. See [=building trusted bidding signals url=].
: trusted bidding signals slot size mode
@@ -5239,10 +5374,6 @@ An auction config is a [=struct=] with the following [=struct/items=]
Provide a mechanism for making real-time data (information about a specific [=ad creative=])
available for use at [=evaluate a scoring script|scoring=] time, e.g. the results of some ad
scanning system.
-
- When non-null, the [=auction config/trusted scoring signals url=]'s [=origin=] will always be
- [=same origin=] with [=auction config/seller=].
-
: max trusted scoring signals url length
:: A {{long}} integer, initially 0. Indicates the maximum trusted scoring signals fetch url length
for the auction config. 0 means no limit.
@@ -5542,9 +5673,9 @@ To append to a bidding signals per-interest group data map given an [
To
fetch the current outstanding trusted signals batch given a
-[=trusted bidding signals batcher=] |trustedBiddingSignalsBatcher|, a [=URL=] |signalsUrl|, an
-{{unsigned short}}-or-null |experimentGroupId|, an [=origin=] |topLevelOrigin|,
-and a [=string=] |slotSizeQueryParam|:
+[=trusted bidding signals batcher=] |trustedBiddingSignalsBatcher|, a [=URL=] |signalsUrl|,
+an [=origin=] |scriptOrigin|, an {{unsigned short}}-or-null |experimentGroupId|,
+an [=origin=] |topLevelOrigin|, and a [=string=] |slotSizeQueryParam|:
1. If |signalsUrl| is null, return.
1. Let |biddingSignalsUrl| be the result of [=building trusted bidding signals url=] with
@@ -5552,7 +5683,7 @@ and a [=string=] |slotSizeQueryParam|:
|trustedBiddingSignalsBatcher|'s [=trusted bidding signals batcher/ig names=],
|experimentGroupId|, |topLevelOrigin|, and |slotSizeQueryParam|.
1. Let « |partialTrustedBiddingSignals|, |partialPerInterestGroupData|, |dataVersion| » be the
- result of [=fetching trusted signals=] with |biddingSignalsUrl| and true.
+ result of [=fetching trusted signals=] with |biddingSignalsUrl|, |scriptOrigin|, and true.
1. If |partialTrustedBiddingSignals| is not null:
1. [=map/For each=] |key| → |value| in |partialTrustedBiddingSignals|, [=map/set=]
|trustedBiddingSignalsBatcher|'s [=trusted bidding signals batcher/all trusted bidding
@@ -5573,9 +5704,9 @@ and a [=string=] |slotSizeQueryParam|:
To batch or fetch trusted bidding signals given a [=trusted bidding signals batcher=]
-|trustedBiddingSignalsBatcher|, [=interest group=] |ig|, a [=URL=] |signalsUrl|, an
-{{unsigned short}}-or-null |experimentGroupId|, an [=origin=] |topLevelOrigin|,
-and a [=string=] |slotSizeQueryParam|:
+|trustedBiddingSignalsBatcher|, [=interest group=] |ig|, a [=URL=] |signalsUrl|,
+an [=origin=] |scriptOrigin| an {{unsigned short}}-or-null |experimentGroupId|,
+an [=origin=] |topLevelOrigin|, and a [=string=] |slotSizeQueryParam|:
1. If |signalsUrl| is null:
1. [=map/Set=] |trustedBiddingSignalsBatcher|'s [=trusted bidding signals batcher/no signals flags=]
@@ -5614,7 +5745,7 @@ and a [=string=] |slotSizeQueryParam|:
|putativeLengthLimit|.
1. Otherwise:
1. [=Fetch the current outstanding trusted signals batch=] given |trustedBiddingSignalsBatcher|,
- |signalsUrl|, |experimentGroupId|, |topLevelOrigin|, |slotSizeQueryParam|.
+ |signalsUrl|, |scriptOrigin|, |experimentGroupId|, |topLevelOrigin|, |slotSizeQueryParam|.
1. If |ig|'s [=interest group/trusted bidding signals keys=] is not null, set
|trustedBiddingSignalsBatcher|'s [=trusted bidding signals batcher/keys=] to a
[=list/clone=] of |ig|'s [=interest group/trusted bidding signals keys=].