VASTlint
VAST-2.0-extension-cdata

VAST-2.0-extension-cdata

<Extension> leaf text with XML-sensitive characters should be wrapped in CDATA

WarningSchemaIAB VAST 2.0 §2VAST 2.0 and later (all versions)

Short answer

When an <Extension> carries a leaf text payload containing XML-sensitive characters (&, <, >), wrap it in a CDATA section. JSON blobs and URL-rich vendor data otherwise rely on fragile XML escaping that is easy to get wrong and breaks parsing.

Why this matters in production

This rule is a strong risk signal. Tags with this issue often still parse, but they become brittle across SDKs, SSAI resolvers, and CTV environments. Schema violations tend to create parser disagreement. One system may recover while another drops the tag entirely, which is why these bugs often show up as environment-specific fill loss. Affected scope: VAST 2.0 and later (all versions).

Invalid

<Extension type="vendor">
  {"key":"a&b","u":"https://x?p=1&q=2"}
</Extension>

Valid

<Extension type="vendor">
  <![CDATA[{"key":"a&b","u":"https://x?p=1&q=2"}]]>
</Extension>
Check your VAST tag for VAST-2.0-extension-cdata and other issues instantly.Open the VAST tag validator →