Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-30876

MP3 player not shown when use external YUI enabled

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 2.2, 2.3
    • Fix Version/s: 2.2.5, 2.3.2
    • Component/s: Filters
    • Labels:
    • Environment:
      Linux and Solaris servers with apache and mysql
    • Testing Instructions:
      Hide
      1. Enable the site setting 'useexternalyui'
      2. Enable the Multimedia filter (and mark the 'filter_mediaplugin_enable_mp3' checkbox if the option is available in your moodle version, otherwise is enabled)
      3. Add a link to a MP3 file (one of the user private files for example) in any HTML text area
      4. View the page with the HTML text displayed, the link SHOULD BE replaced by the MP3 player and there SHOULD NOT BE a JS error
      Show
      Enable the site setting 'useexternalyui' Enable the Multimedia filter (and mark the 'filter_mediaplugin_enable_mp3' checkbox if the option is available in your moodle version, otherwise is enabled) Add a link to a MP3 file (one of the user private files for example) in any HTML text area View the page with the HTML text displayed, the link SHOULD BE replaced by the MP3 player and there SHOULD NOT BE a JS error
    • Workaround:
      Hide

      Access to the style sheets wrapped in a try & catch. This solution does not replicate the same exact funcionality with 'useexternalyui' enabled, but I'm afraid that it's not possible, is a JS security restriction.

      Solution tested on Firefox, Chrome and Opera; IE is, as always, another world, it doesn't replace the player with 'userexternalyui' enabled nor disabled, but it seems that there is no security violation when accessing cross domain style sheets, since it's another issue I think that you prefer to have it on another tracker issue.

      Grepping around moodle core code to find more 'document.styleSheets' to prevent other JS security violations when online YUI libraries is enabled, it seems that this is the only place where the styles sheets are accessed this way; the other apperance is in the jquery lib of xhprof which I suppose is stand-alone and not dependent of the moodle core YUI libraries.

      Show
      Access to the style sheets wrapped in a try & catch. This solution does not replicate the same exact funcionality with 'useexternalyui' enabled, but I'm afraid that it's not possible, is a JS security restriction. Solution tested on Firefox, Chrome and Opera; IE is, as always, another world, it doesn't replace the player with 'userexternalyui' enabled nor disabled, but it seems that there is no security violation when accessing cross domain style sheets, since it's another issue I think that you prefer to have it on another tracker issue. Grepping around moodle core code to find more 'document.styleSheets' to prevent other JS security violations when online YUI libraries is enabled, it seems that this is the only place where the styles sheets are accessed this way; the other apperance is in the jquery lib of xhprof which I suppose is stand-alone and not dependent of the moodle core YUI libraries.
    • Affected Branches:
      MOODLE_22_STABLE, MOODLE_23_STABLE
    • Fixed Branches:
      MOODLE_22_STABLE, MOODLE_23_STABLE
    • Pull from Repository:
    • Pull Master Branch:
      MDL-30876_master

      Description

      With the multimedia filter enabled and MP3 checked, if the YUI libraries are obtained from another domain (useexternalyui site setting enabled) the MP3 player is not shown

      Reproduction steps:

      1. Enable the site setting 'useexternalyui'
      2. Enable the Multimedia filter and mark the 'filter_mediaplugin_enable_mp3' checkbox
      3. In any HTML editor click the Media Button and link to a MP3 file
      4. View the page with the HTML text displayed, the link is not replaced by the MP3 player

      It throws a Javascript 'Security error" code: "1000' error (is trying to access the contents of another domain's stylesheet) and stops the Javascritp execution, therefore the link to the MP3 file is not replaced by the MP3 player.

        Gliffy Diagrams

          Attachments

            Issue Links

              Activity

                People

                • Votes:
                  2 Vote for this issue
                  Watchers:
                  2 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved:
                    Fix Release Date:
                    10/Sep/12