Details
-
Type:
Bug
-
Status: Closed
-
Priority:
Minor
-
Resolution: Fixed
-
Affects Version/s: 2.4.7, 2.5, 2.5.3, 2.6, 2.7
-
Testing Instructions:
-
Affected Branches:MOODLE_24_STABLE, MOODLE_25_STABLE, MOODLE_26_STABLE, MOODLE_27_STABLE
-
Fixed Branches:MOODLE_24_STABLE, MOODLE_25_STABLE, MOODLE_26_STABLE
-
Pull from Repository:
-
Pull Master Branch:m27_
MDL-40379_Prevent_Some_Mobile_Network_Providers_From_Modifying_Content -
Pull Master Diff URL:
Description
I'm researching a problem with pluginfile.php. I also checked it already on demo.moodle.net so it's no site/server specific issue itself.
Whilst beeing on wifi or a regular connection or on a desktop computer, the problem does NOT exist. But if I access e.g. a lesson content page, with a picture in it, which was uploaded with TinyMCE, my browser (also tested various browsers on my android phone) displays a question mark sign. If I refresh that page, the picture shows up. This just happens to me on the Vodafone network in Germany. On the T-Mobile network (also in GER) with an iPhone 5 the picture doesnt even show up upon refresh. Navigating to the next page succeeds, but again, no picture.
I further investigated this with apache logs/tcpdump on the server side and found out, that the user gets redirected with http code 303 to the login page. So, to see that very lesson page, I need to be logged in already, so this cant be the case. Disabling require_course_login in mod/lesson/lib.php the function lesson_pluginfile solves the issues, but this cant obviously be the solution. Somehow, the mobile data proxies of the carriers interfere with Moodle and/or the session.
With tcpdump, I noticed, there is no session cookie being sent along with the GET-request for pluginfile.php/ID/mod_lesson/PAGEID/filename.jpg. Any other clues about this?