Origins, Domains, and Subdomains
Overview
This site tries to replicate the behaviors that will be seen on the open web when a user visits various sites that would like to advertiser to her, and then visits various publishers who would like to sell ad space, all mediated by ad techs that are generally not the same company as the advertisers or publishers themselves.
In order to do this we have registered a number of different domains that are used in these demos. Below we'll list them, give some basics on how they're used, and some technical explainer on how this works.
PST Domains
Privacy Sandbox Testing has reserved a number of domains:
- Original Domains: originally I just reserved a few with a similar namespaces, with
the idea being I could actually test different origin, subdomain, etc scenarios realistically:
- privacy-sandbox-testing.com
- privacy-sandbox-testing-one.com
- privacy-sandbox-testing-two.com
- privacy-sandbox-testing-three.com
- Ad Tech Relevant Domains: there are a number of domains for the 4 generic ad tech roles,
advertiser, publisher, DSP, and SSP, and one for for an Identity Provider. I have been using these terms loosely, i.e. I haven't yet been
very specific with differentiating between and Ad Server and an Exchange and an SSP. That may become,
valuable at some point, for now the domains are:
- Advertisers: pst-advertiser.com, pst-advertiser-two.com, pst-advertiser-sports.com, pst-advertiser-literature.com.
- Publishers: pst-publisher.com, pst-publisher-two.com, pst-publisher-news.com, pst-publisher-awwwww.com.
- DSPs: pst-dsp.com and pst-dsp-two.com.
- SSPs: pst-ssp.com and pst-ssp-two.com.
- Identity Provider: pst-identity-provider.com
Subdomains are occasionally used in a few tests where it's relevant. Originally I doing specific subdomains across the board, but that didn't really pan out. There are a few of the original tests that use a few specific ones, but it's not widespread.
PST Domain Watermark
There is a watermark in the left and right columns of the page that will "flash" on page load to remind you which domain you're in. I'm not a UX designer, the idea here is to make it easy to see which domain you're in to verify that things are happening correctly, i.e. a demo that says we're on the advertiser site doesn't accidentally load an IG on the publisher site by accident, invalidating the test.
The watermark is inferred from the hostname of the request. Currently it flashes bright and fades to a light watermark; I'm very open to ideas of how to make this better.
PST Technology
Briefly:
- PST is hosted on AWS, currently a single small instance (yes backed by a volume and backed up and using git).
- Each domain is registered through AWS, has it's own certificate and A record, which points to the same AWS load balancer.
- I'm using wildcard certs and routing, which you wouldn't typically do but is fine for testing.
- The browser doesn't care about where the request goes when doing it's same-origin/host logic, so from a browser perspective it is 11 (at writing) different domains. The single server makes it much easier to write code for and manage these "different" sites.
- Many tests will click-out to an advertiser site to generate some data, then return to a publisher site to show an ad.
- In general, for a while now I've been trying to be good about having the publisher load code from the SSP domain(s) when appropriate, and similar for the advertisers and DSPs.
- Server side code is fastify/node.js.
- There isn't really a CMS, since I was prioritizing the multiple-domains thing and didn't immediately know how to do that in any CMS I'm familar with. That said I've been slowly been forced to build little things to try to maintain order.
- Yes I've used ChatGPT a lot.