VAST

AdSecure now supports the processing of VAST XML files to ensure compliance with resource guidelines. VAST (Video Ad Serving Template) is an XML-based format used to load advertisements into video players. These ads can take the form of images, videos, or other media types. AdSecure analyzes the content within the VAST XML to verify that all resources adhere to the specified guidelines, including checking for unauthorized cookie drops or other compliance issues.

What We Check For

The primary goal of processing VAST XML files is to detect if cookies are being set before user consent is obtained. We specifically search for the presence of the Set-Cookie header within the HTTP responses of all resources referenced in the VAST XML. By analyzing these headers, AdSecure ensures that no cookies are being dropped in violation of consent guidelines. A detailed list of all the elements we examine is provided in the following section.

VAST Schema elements

In the process of analyzing VAST XML files, AdSecure examines various elements within the schema to ensure compliance. Each element in the VAST XML may reference resources that need to be checked for unauthorized cookie drops or other violations. Below is a detailed list of the elements that are scrutinized during the analysis, ensuring that every resource adheres to the required guidelines. AdSecure supports the processing of VAST versions 3 and 4, ensuring compliance across these widely-used formats.

  • VAST.Ad.Wrapper.Error
  • VAST.Ad.Wrapper.Impression
  • VAST.Ad.Wrapper.VASTAdTagURI
  • VAST.Ad.Wrapper.AdVerifications.Verification.JavaScriptResource
  • VAST.Ad.Wrapper.AdVerifications.Verification.ViewableImpression
  • VAST.Ad.Wrapper.ViewableImpression.Viewable
  • VAST.Ad.Wrapper.ViewableImpression.NotViewable
  • VAST.Ad.Wrapper.ViewableImpression.ViewUndetermined
  • VAST.Ad.Wrapper.Creatives.Creative.Error
  • VAST.Ad.Wrapper.Creatives.Creative.Linear.TrackingEvents.Tracking
  • VAST.Ad.Wrapper.Creatives.Creative.Linear.Icons.Icon.IconClicks.IconClickThrough
  • VAST.Ad.Wrapper.Creatives.Creative.Linear.Icons.Icon.IconClicks.IconClickTracking
  • VAST.Ad.Wrapper.Creatives.Creative.Linear.Icons.Icon.IconViewTracking
  • VAST.Ad.Wrapper.Creatives.Creative.NonLinearAd.NonLinear.StaticResource
  • VAST.Ad.Wrapper.Creatives.Creative.NonLinearAd.NonLinear.IFrameResource
  • VAST.Ad.Wrapper.Creatives.Creative.NonLinearAd.NonLinear.TrackingEvents.Tracking
  • VAST.Ad.Wrapper.Creatives.Creative.NonLinearAd.NonLinear.Error
  • VAST.Ad.Wrapper.Creatives.Creative.CompanionAds.Companion.StaticResource
  • VAST.Ad.Wrapper.Creatives.Creative.CompanionAds.Companion.IFrameResource
  • VAST.Ad.Wrapper.Creatives.Creative.CompanionAds.Companion.TrackingEvents.Tracking
  • VAST.Ad.Wrapper.Creatives.Creative.CompanionAds.Companion.Error
  • VAST.Ad.InLine.AdVerifications.Verification.JavaScriptResource
  • VAST.Ad.InLine.AdVerifications.Verification.ViewableImpression
  • VAST.Ad.InLine.Error
  • VAST.Ad.InLine.Impression
  • VAST.Ad.InLine.Survey
  • VAST.Ad.InLine.Creatives.Creative.Error
  • VAST.Ad.InLine.Creatives.Creative.Linear.TrackingEvents.Tracking
  • VAST.Ad.InLine.Creatives.Creative.Linear.Icons.Icon.IconClicks.IconClickThrough
  • VAST.Ad.InLine.Creatives.Creative.Linear.Icons.Icon.IconClicks.IconClickTracking
  • VAST.Ad.InLine.Creatives.Creative.Linear.Icons.Icon.IconViewTracking
  • VAST.Ad.InLine.Creatives.Creative.NonLinearAd.NonLinear.StaticResource
  • VAST.Ad.InLine.Creatives.Creative.NonLinearAd.NonLinear.IFrameResource
  • VAST.Ad.InLine.Creatives.Creative.NonLinearAd.NonLinear.TrackingEvents.Tracking
  • VAST.Ad.InLine.Creatives.Creative.NonLinearAd.NonLinear.Error
  • VAST.Ad.InLine.Creatives.Creative.CompanionAds.Companion.StaticResource
  • VAST.Ad.InLine.Creatives.Creative.CompanionAds.Companion.IFrameResource
  • VAST.Ad.InLine.Creatives.Creative.CompanionAds.Companion.TrackingEvents.Tracking
  • VAST.Ad.InLine.Creatives.Creative.CompanionAds.Companion.Error
  • VAST.Ad.InLine.ViewableImpression.Viewable
  • VAST.Ad.InLine.ViewableImpression.NotViewable
  • VAST.Ad.InLine.ViewableImpression.ViewUndetermined

Restrictions

When processing VAST XML files, AdSecure enforces certain restrictions to ensure efficient and reliable analysis:

1. Resource Depth Limit

VAST XML files can reference other VAST XML files, creating a chain of resources. AdSecure follows these chains but will stop processing after reaching 10 levels of depth. This prevents excessive resource consumption and potential overloading of the system.

2. Redirect Limit

For each resource found within the VAST XML, AdSecure allows up to 10 redirects. If a resource redirects more than 10 times, the processing will stop, ensuring the analysis remains manageable and within scope.

3. Only static content can be processed

AdSecure’s VAST XML processing tool is designed to analyze and validate static content such as XML and HTML. However, it does not support the execution of JavaScript. This means that any content or behavior on a page that is dynamically generated or modified through JavaScript cannot be detected or evaluated by the system.

How to start a VAST check

There are several ways to start analysing VAST XML files.

Alerts

To receive notifications when cookies are detected during the processing of VAST tags, you can configure an alert rule. This allows you to stay informed of any compliance issues in real-time. To set this up, go to the Alert Rules page and locate the VAST Cookie Detection option under the User Advisory section. Once enabled, you’ll automatically receive alerts whenever cookies are found in your VAST content, helping you address potential issues quickly and efficiently.

Via our App

You can run VAST analyses in the app in two ways:

  • Quick Analysis: For a fast, on-demand check of individual VAST tags, you can enable VAST Cookie Detection directly from the Analysis tab in your user interface. This option is perfect for generating immediate reports on a specific tag without needing to create a full project.

  • Project-Based Monitoring: For more comprehensive, continuous monitoring, you can enable VAST Cookie Detection when setting up a project in the Projects section of the app. This is ideal for frequent checks on multiple VAST tags, ensuring that all your ad content is regularly evaluated for compliance over time.

Via our API

You can also run VAST Cookie Detection through our API, providing more flexibility and integration with your own systems. The process is similar to initiating an analysis for a standard website, with the key difference being that you must set the preset parameter to VAST_COOKIE_DETECTION. This ensures the API triggers the correct analysis for detecting cookies in VAST tags. For detailed instructions on how to implement this, please refer to our API documentation, where you’ll find all the necessary information to seamlessly integrate this feature into your workflow.

mutation createAnalyses($input: CreateAnalysesMutationInput!) {
    createAnalyses(input: $input) {
        analyses {
            id
            __typename
        }
    }
}

{
  "input": {
    "name": "VAST", // Name of the Analysis
    "content": "https://example.com/vast.xml", // URL of the VAST XML to scan
    "devices": ["windows10_chrome"], // Name of the device to use
    "locations": [
      { "country": "USA", "type": "STANDARD", "provider": "OTHER" }
    ], // Location of from where to scan
    "preset": "VAST_COOKIE_DETECTION" // Needs to be VAST_COOKIE_DETECTION
  }
}
Set a Custom Referrer