prebid / Prebid.js / 25077424036
96%

DEFAULT BRANCH: master
Ran
Jobs 1
Files 2
Run time 1min
Badge
Embed ▾
README BADGES
x

If you need to use a raster PNG badge, change the '.svg' to '.png' in the link

Markdown

Textile

RDoc

HTML

Rst
coverage: 100.0%. Remained the same
25077424036

push

github

web-flow 
Encypher RTD Provider: C2PA content provenance signals (#14807)

* feat: add Encypher RTD provider for C2PA content provenance

Injects C2PA content provenance signals into OpenRTB bid requests at
site.ext.data.c2pa, enabling DSPs to factor verified publisher identity
and content integrity into bidding decisions.

Three execution paths in strict priority:
- Path A (Manifest shortcut): reads <meta name="c2pa-manifest-url">
- Path B (Cache): serves from localStorage, no network call
- Path C (API): extracts text, sends to Encypher API which detects
  existing embedded provenance markers or signs fresh content

Content signed at CMS/CDN level carries invisible C2PA markers that
survive DOM rendering. The API detects and verifies these server-side,
returning the publisher's authenticated signer tier. This differentiates
publisher-signed inventory from third-party-attested inventory in bids.

Extracts JSON-LD metadata (author, dates, section, keywords, publisher,
language) for analytics when structured data is available.

No external scripts loaded. Every code path calls callback(). The module
never blocks an auction. GDPR-compliant via Prebid storageManager.

Free tier: 1,000 unique content signatures per domain per month.
Verification of already-signed content does not count against quota.
Deduped by content hash. Quota exceeded fails open gracefully.

* fix(encypherRtd): add security guards from code review

- Add callback-once guard to prevent double-invocation
- Add 2s safety timeout so module never blocks auction
- Add GDPR consent gate before transmitting page content
- Add API host allowlist (api.encypher.com, staging-api.encypher.com)
- Add tests for consent, allowlist, and HTTP-rejection scenarios
- Update test apiBase to use allowed host

* docs(encypherRtd): note security guards in module README

* fix(encypherRtd): address review feedback, migrate to TypeScript

- Extract getCanonicalUrl/hashUrl to libraries/encypherUtils
- Remove application/... (continued)

2 of 2 relevant lines covered (100.0%)

4.5 hits per line

Jobs
ID Job ID Ran Files Coverage
1 25077424036.1 9
100.0
 GitHub Action Run
Source Files on build 25077424036