From d45d832e9140f7a93a3175154bc85885c190c745 Mon Sep 17 00:00:00 2001 From: Patrick McCann Date: Mon, 23 Feb 2026 09:34:07 -0500 Subject: [PATCH 1/2] Document disableFingerprintingApis setConfig option --- dev-docs/publisher-api-reference/setConfig.md | 34 +++++++++++++++---- 1 file changed, 27 insertions(+), 7 deletions(-) diff --git a/dev-docs/publisher-api-reference/setConfig.md b/dev-docs/publisher-api-reference/setConfig.md index f52b9863cc..b77228555c 100644 --- a/dev-docs/publisher-api-reference/setConfig.md +++ b/dev-docs/publisher-api-reference/setConfig.md @@ -59,6 +59,26 @@ This can be useful in GDPR, CCPA, COPPA or other privacy scenarios where a publi Note that bid adapters are normally denied access to device storage even when `deviceAccess` is `true`; see the [`storageAllowed` bidder setting](/dev-docs/publisher-api-reference/bidderSettings.html#deviceAccess). + + +### Disable fingerprinting APIs + +Prebid provides a privacy control named `disableFingerprintingApis` that lets publishers disable specific browser APIs commonly used for fingerprinting. + +When one of these APIs is disabled, Prebid returns a safe default value instead of reading the browser value: + +* `devicepixelratio`: returns `1` +* `webdriver`: returns `false` +* `resolvedoptions`: returns an empty timezone string `''` + +```javascript +pbjs.setConfig({ + disableFingerprintingApis: ['devicepixelratio', 'webdriver', 'resolvedoptions'] +}); +``` + +Values are matched case-insensitively. + ### Bidder Timeouts @@ -1063,7 +1083,7 @@ To register a video player with Prebid, you must use `setConfig` to set a `video {: .table .table-bordered .table-striped } | Field | Required? | Type | Description | -|---|---|---|---| +| --- | --- | --- | --- | | video.providers[] | yes | array of objects | List of Provider configurations. You must define a provider configuration for each player instance that you would like integrate with. | | video.providers[] .vendorCode | yes | number | The identifier of the Video Provider vendor (i.e. 1 for JW Player, 2 for videojs, etc). Allows Prebid to know which submodule to instantiate. | | video.providers[].divId | yes | string | The HTML element id of the player or its placeholder div. All analytics events for that player will reference this ID. Additionally, used to indicate which HTLM element must contain the Video Player instance when instantiated. | @@ -1427,7 +1447,7 @@ The controls publishers have over the RTD modules: {: .table .table-bordered .table-striped } | Field | Required? | Type | Description | -|---|---|---|---| +| --- | --- | --- | --- | | realTimeData.auctionDelay | no | integer | Defines the maximum amount of time, in milliseconds, the header bidding auction will be delayed while waiting for a response from the RTD modules as a whole group. The default is 0 ms delay, which means that RTD modules need to obtain their data when the page initializes. | | realTimeData.dataProviders[].waitForIt | no | boolean | Setting this value to true flags this RTD module as "important" enough to wait the full auction delay period. Once all such RTD modules have returned, the auction will proceed even if there are other RTD modules that have not yet responded. The default is `false`. | @@ -1481,12 +1501,12 @@ pbjs.setConfig({ {: .table .table-bordered .table-striped } | Field | Required? | Type | Description | -|---|---|---|---| +| --- | --- | --- | --- | | topics.maxTopicCaller | no | integer | Defines the maximum numbers of Bidders Iframe which needs to be loaded on the publisher page. Default is 1 which is hardcoded in Module. Eg: topics.maxTopicCaller is set to 3. If there are 10 bidders configured along with their iframe URLS, random 3 bidders iframe URL is loaded which will call TOPICS API. If topics.maxTopicCaller is set to 0, it will load random 1(default) bidder iframe atleast. | -| topics.bidders | no | Array of objects | Array of topics callers with the iframe locations and other necessary informations like bidder(Bidder code) and expiry. Default Array of topics in the module itself.| -| topics.bidders[].bidder | yes | string | Bidder Code of the bidder(SSP). | -| topics.bidders[].iframeURL | yes | string | URL which is hosted on bidder/SSP/third-party domains which will call Topics API. | -| topics.bidders[].expiry | no | integer | Max number of days where Topics data will be persist. If Data is stored for more than mentioned expiry day, it will be deleted from storage. Default is 21 days which is hardcoded in Module. | +| topics.bidders | no | Array of objects | Array of topics callers with the iframe locations and other necessary informations like bidder(Bidder code) and expiry. Default Array of topics in the module itself. | +| topics.bidders[].bidder | yes | string | Bidder Code of the bidder(SSP). | +| topics.bidders[].iframeURL | yes | string | URL which is hosted on bidder/SSP/third-party domains which will call Topics API. | +| topics.bidders[].expiry | no | integer | Max number of days where Topics data will be persist. If Data is stored for more than mentioned expiry day, it will be deleted from storage. Default is 21 days which is hardcoded in Module. | From ff42e24694ffbe596e5586ae97a6ce9356478560 Mon Sep 17 00:00:00 2001 From: Patrick McCann Date: Mon, 23 Feb 2026 09:36:00 -0500 Subject: [PATCH 2/2] Update description for disableFingerprintingApis control Clarified the explanation of the 'disableFingerprintingApis' privacy control by adding a reference to DuckDuckGo tracker radar. --- dev-docs/publisher-api-reference/setConfig.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dev-docs/publisher-api-reference/setConfig.md b/dev-docs/publisher-api-reference/setConfig.md index b77228555c..801b453c6b 100644 --- a/dev-docs/publisher-api-reference/setConfig.md +++ b/dev-docs/publisher-api-reference/setConfig.md @@ -63,7 +63,7 @@ Note that bid adapters are normally denied access to device storage even when `d ### Disable fingerprinting APIs -Prebid provides a privacy control named `disableFingerprintingApis` that lets publishers disable specific browser APIs commonly used for fingerprinting. +Prebid provides a privacy control named `disableFingerprintingApis` that lets publishers disable specific browser APIs commonly used for fingerprinting according to DuckDuckGo tracker radar. When one of these APIs is disabled, Prebid returns a safe default value instead of reading the browser value: