LTI-228: Launch URL does not work with Firefox #211
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
This PR addresses issue #197 |
jfederico
approved these changes
Mar 16, 2023
jfederico
changed the title
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This was mitigated via the following:
Detect if the 3rd party app has access. If it does not, then use the Storage Access API to ask the user for permission to access the cookies / storage. Note that the API can only be called following a user interaction (ex. a button click). Therefore, if access has not yet been granted, then a message will be shown to the user asking them to click a button. That button will then call the Storage Access API, which will present the user with an alert to grant permission. However, even after granting permission, the user will have to refresh the browser. This will be noted in the message displayed to the user. See the screenshots below:
Another thing to note is that this issue only exists on Brightspace and EdX. Moodle seems to have a setting that allows its integrated 3rd party apps to access its cookies and storage. I am still looking into what configuration they might have used to allow this.