Important notice
This release includes a security update that adds a validation to bidder adapters with dynamic hostnames to avoid the possibility of hostname forgery. This has a small chance of impacting exotic Prebid Server host configurations, as certain characters in the hostname are now prohibited. Please consult the list of bidder adapters that were affected by this change here #4522 .
Security updates
- Validate url domain and path (#4522)
What’s Changed
- Core: Log bundle for app channel (#4515)
- Core: TCF 2.3 Disclosed Vendors Support (#4442)
- Bugfix: TcfV1 and DisclosedVendors section (#4512)
Vendor-Specific Updates
- LI module: Use matcher instead of source for eid premission (#4487)
- New Adapter: Adsmovil (#4504)
- New Adapter: Alliance Gravity (#4502)
- New Adapter: BeOp (#4476)
- Alkimi: Adding alkimi vendor-id and user-sync url modification (#4490)
- Seedtag: adds ron id support for seedtag adapter (#4466)
- Medianet: Update cookie sync url (#4443)
- Add cookie family name to 360playvid adapter config (#4489)
Housekeeping
- Dependency: Update GPP library (#4441)
Contributors
@CTMBNara, @Lightwood13, @VelRaj21, @akshatgmnet, @peixunzhang, @przemkaczmarek, @sangarbe and @Net-burst