Instart Tag Control – Rule Building Cookbook

This document provides several examples of using the Instart web portal to create Tag Control rules.

The Tag Control Rules screen is accessed from the left navigation pane of the portal:

Recipe 1: Delay loading of a resource

In this example we have identified a resource that seems to be loading slowly early in the page load, and we want to delay loading it.

  1. From the Rules page, click Add New Rule to open the rule builder:

  2. Enter a description (required) and one or more optional labels if desired.
  3. Click the pulldown labeled labeled Select a rule type and choose Custom rule:

  4. This opens up the Identify App section:

  5. Select the Criteria pulldown to set criteria that will specify the app we intend to set up our rule for:

  6. For this example we choose Path and then specify the path of the page we noticed the slowness with:

  7. Select the pulldown labeled Create a sub-rule and choose Delay Resource Load:

    This opens up the Delay Resource Load section:
  8. We need to select a criterion to specify the tag we want to defer. In this example we know the tag's name, so we choose Path, leave the default Match condition set to equals any of, and enter addthis_widget.js in the Path field:

  9. We've specified the affected app and the script we want to defer… Next, we need to specify which event to defer the loading of this script until. In this case we're going to have it load after the DOM Content Loaded event:

  10. Then we click Save at the bottom of the rule. A Change Reason dialog box appears:

    Add a note about why we are creating this rule and click Submit.

Now that our rule has been created, it takes about 5-10 minutes to be validated and deployed. After it's been in play for a while and had a chance to be triggered, information about the rule's action will become visible in the Action Analytics screen. This should happen after about 15-20 minutes have passed. We can take another look at the company page and see if it appears to load faster.

Recipe 2: Protect a cookie

In this example we have a cookie named session that we want to protect from any scripts other than our own 1st-party scripts.

  1. From the Rules page, click Add a new rule to open the rule builder.
  2. Enter a description (required) and one or more optional labels if desired.
  3. Click the pulldown labeled labeled Select a rule type and choose Custom rule:

  4. This opens up the Identify App section:

  5. Select the Criteria pulldown to set criteria that will specify the app we intend to set up our rule for:

  6. For this example we choose Path and then specify the path of the page where the cookie is associated:

  7. Next you select which type of sub-rule you want. Click the pulldown labeled Create a sub-rule and select Control Cookie Access:

    A form section appears, allowing you to specify the appropriate criteria, which are predefined in this case:

    Specify the cookie by name, specify the URL pattern, and choose to control read access, write access, or both.
    For Cookie Name, the match conditions can be equals any of or does not equal any of, and therefore specify an exact match for the value or values you enter.
    For URL pattern, the match condition can be matches any of or does not match any of, and therefore specify a regular expression. Note that since the period (.) in the pattern is a character class in regular expression syntax, you need to enclose it in square brackets to designate it as a literal character.
    The following rule specification will protect the cookie named session from any scripts other than our own 1st-party scripts:
  8. Click Save at the bottom of the rule. A Change Reason box appears:

    Fill in a note about why you are creating this rule and click Submit.

The rule is saved and will appear in the list of rules on the Tag Control Rules page.

Recipe 3: Protect a form field

In this example we have a checkout page checkout.php which has a form field with an ID of ccnum for a customer to enter their credit card number. We want to assure no scripts other than our own first-party script can read or alter this number after it's entered. Let's assume the script you want to be able to access this value is named processtransaction and you want to disallow any other script.

  1. From the Rules page, click Add a new rule to open the rule builder.
  2. Enter a description (required) and one or more optional labels if desired.
  3. Click the pulldown labeled labeled Select a rule type  and choose Form field protection rule:

  4. This opens up the Identify App section and the Protect Form Field section:

  5. Select the Criteria pulldown in the Identify App section to set criteria that will specify the app we intend to set up our rule for:

  6. For this example we'll choose Path, set the match condition to matches any of, and enter a regex to match the path of the checkout page:

  7. In the Protect Form Field section, the appropriate criteria are predefined – a Resource URL pattern to specify the scripts we want to allow or disallow to access the form field, and an Element selector to specify the form field's DOM selector:

  8. In this example, we want to prevent any script other than our own first-party scripts, so we'll put in a resource URL pattern with a match condition does not match any of, and a regular expression to specify the first-party scripts:

    Note that since the period (.) in the pattern is a character class in regular expression syntax, you need to enclose it in square brackets to designate it as a literal character.
  9. The easiest way to specify the form fields you want to protect is to click the Scan Form Fields button. This opens the Add Form Fields dialog:

    Select the checkboxes in front of the fields you want to protect and click Add.
  10. The dialog box closes and the elements you chose are populated in element selector fields:

    You can also enter form field selectors manually; see below for how to find what these should be.
    In this example we also want to set Read control and Write control to Block.
  11. Click Save at the bottom of the rule. A Change Reason box appears:

    Fill in a note about why you are creating this rule and click Submit.

The rule is saved and will appear in the list of rules on the Tag Control Rules page.

How to determine a form field's selector

You can use your browser's developer tools to find the DOM selector that specifies which form field you want to protect. For example, in Chrome, right-click on the field of of interest and select Inspect to quickly open the Developer Tools console with the element selected:

Then, right click on the element and select Copy > Copy selector from the popup menu:

Recipe 4: Set up an alert rule

In this example we want to create an alert that will be emailed if scripts loaded from a specific domain take longer to load than you typically expect.

  1. From the Rules page, click Add a new rule to open the rule builder.
  2. Enter a description (required) and one or more optional labels if desired.
  3. Click the pulldown labeled Select a rule type and choose Alert rule:

    This opens up the Set Up Alert section:

  4. Specify
    - the Root domain of the tag(s) you want to alert on; currently this is the only way to specify the scope of what you want to set up the alert for.
    - a Threshold in milliseconds – the number of milliseconds above which you consider the resource is taking too long to load.
    - an Aggregate percentile – what percentage of requests this threshold is exceeded for, from a pulldown offering values 50th, 90th, 95th, and 99th.
    - a Duration window – how long you want the system to wait while the threshold and percentile remain in this state before an alert is sent, from a pulldown offering values 10m, 15m, 30m, 60m, 90m, or 120m).
    - the Alert notification email list: enter one of more email addresses to which the alert is to be sent when triggered.(The What do you want to do? pulldown moves to the bottom of the form field section but there is nothing you can select from it.)
  5. When you have finished defining your alerting rule, click Save at the bottom of the rule. A Change Reason box appears:

    Fill in a note about why you are creating this rule and click Submit.

The rule is saved and will appear in the list of rules on the Tag Control Rules page.

Recipe 5: Set a performance budget rule

In this example we identify a path for which we want to set a performance budget.

  1. From the Tag Control Rules page, click Add new rule to open the rule builder.
  2. Enter a description (required) and one or more optional Labels if desired.
  3. Select Performance budget rule from the Select a rule type pulldown:
  4. The rule builder screen updates with the building blocks of a performance budget rule displayed. The first thing to do is, in the Identify App block, set criteria that defines what conditions the rule will trigger on. In this example, let's say the path we want to set the rule for is /products:
  5. In the Set Performance Budget block, define the length of time you want to set as a threshold for your performance budget; in this case, 3000 ms:
  6. Next we need to specify the tags to defer. Click Scan Tags to open up a dialog box with a list of tags found on the site and select them from the list:
     
  7. To add them to the list of tags to for the rule to defer, check the checkbox in front of the tag domains and paths and click Add to close the list and add them to the rule:
  8. Click Save. A Change Reason box appears:

    Fill in a note about why you are creating this rule and click Submit.

The rule is saved and will appear in the list of rules on the Tag Control Rules page.