Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-27404

mod/scorm/apiphp returns wrong content-type header when loaded as javascript. This breaks SCORM for some users with restrictive security settings

    XMLWordPrintable

Details

    • Bug
    • Status: Closed
    • Critical
    • Resolution: Fixed
    • 1.9.11, 2.0.2
    • 1.9.13, 2.0.4
    • SCORM
    • MOODLE_19_STABLE, MOODLE_20_STABLE
    • MOODLE_19_STABLE, MOODLE_20_STABLE
    • master_MDL-27404
    • Hide

      This is really hard to test - you must have IE 6 installed with all sorts of stupid locked down settings in place - I know IE 6 isn't officially supported in 2.0 but I've pushed the fix there anyway.

      It should be sufficient to test an existing "working" SCORM in IE 6 and make sure it still works after the patch has been applied.

      Show
      This is really hard to test - you must have IE 6 installed with all sorts of stupid locked down settings in place - I know IE 6 isn't officially supported in 2.0 but I've pushed the fix there anyway. It should be sufficient to test an existing "working" SCORM in IE 6 and make sure it still works after the patch has been applied.

    Description

      the script mod/scorm/player.php outputs the API link in the following fashion (e.g.)...

      <script type="text/javascript" src="api.php?id=624&scoid=1713&mode=normal&attempt=34"></script>

      However, api.php generates a content-type header for mimetype text/html which is wrong. It should be application/x-javascript. It's probably rarely done but it is possible to set IE security settings to block such a link which breaks SCORM.

      Looking at the code, the API wrapper doesn't really seem to be written to suit being embedded as pure javascript (e.g. require_login() and possible error messages) so I'm not sure if this is easy to fix.

      Attachments

        Issue Links

          Activity

            People

              danmarsden Dan Marsden
              howardsmiller Howard Miller
              Sam Hemelryk Sam Hemelryk
              Martin Dougiamas Martin Dougiamas
              Dan Marsden, Matteo Scaramuccia, Adrian Greeve, Jake Dallimore, Mathew May, Mihail Geshoski, Sujith Haridasan
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:
                1/Aug/11