How to Get Duplicate Debug Report for Private Aggregation API?

[Elena6918]

After calling privateAggregation.sendHistogram() in the reportResult() in decisionUrl code, I add the below code in my server.js file to receive duplicate debug report, which should be sent immediately based on the documentation.

app.post('/.well-known/debug/private-aggregation/report-fledge', async (request, reply) => {
  privateAggregation.enableDebugMode();
  const data = {
    query: request.query,
    body: request.body,
  };
  const log = JSON.stringify(data) + '\n';
  console.log("private reporting: "+log);
  reply.code(200);
});

However, there is nothing logged in the console. The privateAggregation.sendHistogram() should be implemented correctly in my code since I no longer received worklet errors. Did I miss anything to get the duplicate debug report?

[alexmturner]

Hi! It's a little hard to be certain, but if you are testing locally, you can have another tab open with chrome://private-aggregation-internals/ to see the state of Private Aggregation reports, both including debug reports. This should hopefully narrow down the issue to the website code vs the reporting endpoint server code. Note also that the privateAggregation.enableDebugMode() call needs to be made within the FLEDGE worklet before privateAggregation.sendHistogramReport() is called.

For future reference, the https://github.com/GoogleChromeLabs/privacy-sandbox-dev-support repo might be a better place for these questions :)

[Elena6918]

Thanks for your response! When I look at the status page at chrome://private-aggregation-internals/, it shows a "Failed to send" for debug reports at <origin_path>/.well-known/private-aggregation/debug/report-fledge, and "Pending" for <origin_path>/.well-known/private-aggregation/report-fledge. I add the privateAggregation.enableDebugMode(); in the reportResult() function before calling the PA API. What can be the possible cause for this?

[alexmturner]

Ah interesting. That appears to indicate that the javascript code is working correctly (and generating a debug report), but that the actual network request is failing. This might mean that the server endpoint, i.e. <origin_path>/.well-known/private-aggregation/debug/report-fledge, is not set up correctly (e.g. is returning a 404 error or is not accessible). For the regular (non-debug) report, we'd expect it to stay pending until its (delayed) report time is reached.

[Elena6918]

Thanks for your answer. Currently, the server endpoint <origin_path> is the origin that specifies in the seller field in the auctionConfig object. I wonder in the final design, will this server endpoint be the Trusted Aggregation Server (i.e. another server with attested code to batch encrypted reports instead of any server)?

[alexmturner]

We don't have any changes planned for the reporting endpoint at the moment. The current design aims to ensure that the aggregatable reports themselves (with encrypted payloads) don't leak cross-site data, so a trusted endpoint shouldn't be necessary. An additional complication is that different ad techs will likely have different desired batching strategies.

But we're definitely open to feedback if you think this kind of change would improve the API