Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-19145

Moodle extension for Safe Exam Browser



    • New Feature
    • Status: Closed
    • Minor
    • Resolution: Fixed
    • 1.9.4
    • 1.9.6
    • Quiz
    • None
    • Any
    • Any


      The university of Giessen and the ETH Zurich developed a software for secure online exams called "Safe Exam Browser" (http://www.safeexambrowser.org). This open-source software comes with an extension for Moodle. Features:

      • Fullscreen mode (without any navigation elements).
      • Prohibits close or leave the window with the quiz
      • Disables shortcuts/keys as Win, Ctrl+Alt+Del, Alt+F4, F1, Ctrl+p, Printscreen, ...
      • Disables right-click
      • Disables switch to other applications
      • Prohibits surf the internet

      Extension for Moodle quiz:

      • Disables navigation to other resources in the Moodle quiz
      • Assures that a quiz can be taken with the Safe Exam Browser exclusively
      • Adds a new entry in the security settings of a quiz in Moodle (see attachment)

      There is a discussion topic in the quiz forum of Moodle: http://moodle.org/mod/forum/discuss.php?d=111732

      T. Hunt reviewed a first version of the Moodle extension and gave us some inputs for improvements:

      >>> In principle, I am happy to add the necessary hooks to Moodle core
      >>> to support this, though it would require some changes to the current
      >>> patch first:
      >>> 1) We need an overall admin setting
      >>> $CFG->enablesafebrowserintegration, probably under Administration ->
      >>> Miscellaneous -> Experimental for now, which is disabled by default.
      >>> That way, the new options only show up on sites where they might be
      >>> relevant.


      >>> 2) It would be nice to avoid having to change the database. I think
      >>> we should us the existing 'secure window' column (which is actually
      >>> called popup in the database). We should rename the setting (I can't
      >>> think of a good name now. 'Browser security' is the best I can do,
      >>> but I don't think it is good enough) with three settings:
      >>> - None
      >>> - Full screen pop-up with added JavsScript 'security'
      >>> - Require the use of the Safe browser
      >>> those would be stored as 0, 1, 2 in the existing database column.
      >>> The third option only appears if $CFG->enablesafebrowserintegration
      >>> is set.
      >>> That then requires reviewing all the checks on ->popup in the code
      >>> and changing them.

      Done. 'Browser security' seems a good suggestion for these settings.

      >>> 3) I don't think 'mod/quiz:manage' is the right capability for
      >>> avoiding the check. For secure window, we check 'mod/quiz:preview'


      >>> 4) I would move the user-agent check into a function in
      >>> mod/quiz/locallib.php, or even see whether we could user/modify the
      >>> existing browser check functions in weblib/moodlelib or wherever
      >>> they are.

      Done. The user-agent check is now a function in mod/quiz/locallib.php.

      >>> 5) The way you are hiding the breadcrumbs by injecting CSS into the
      >>> header is pretty ugly (and not very secure). Isn't the way the
      >>> existing secure window does it, but using a different call to
      >>> print_header, better?

      Done. The breadcrumbs are now hidden by calling a print_header with different parameters.

      >>> 6) Obviously, you don't have the '//START/END quiz_for_safe_browser'
      >>> comments in a patch intended for core code.


      >>> If you can
      >>> * get a patch that does that (especially the admin setting to turn
      >>> it off completely, and no database changes) attached to a tracker
      >>> issue,
      >>> * get at least some people to vote on that issue, and
      >>> * if you can make patches for both moodle 1.9 and 2.0, which will
      >>> necessarily be quite different, becuase I have been changing things.

      A patch of the extension for Moodle 1.9 and for Moodle 2.0 is attached to this issue.




            timhunt Tim Hunt
            raol Oliver Rahs
            Tim Hunt, Ilya Tregubov, Kevin Percy, Mathew May, Mihail Geshoski, Shamim Rezaie
            9 Vote for this issue
            5 Start watching this issue