Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-39090

LTI launches with query strings have wrong signature

    Details

      Description

      • If a LTI launch URL has parameters on the query string, those get reproduced in the form post when launched
      • The oauth_signature is based on those parameters being represented once in the request
      • Because the parameters are both in the body and the query in the actual launch, the signature will be incorrect on the receiving end

      Here's why the parameters get duplicated:

        Gliffy Diagrams

          Attachments

            Issue Links

              Activity

                People

                • Votes:
                  2 Vote for this issue
                  Watchers:
                  7 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved:
                    Fix Release Date:
                    9/Sep/13