[MDL-60302] Allow Cross-Origin requests in webservice/upload.php - Moodle Tracker

XML

Word

Printable

Details

Type: Improvement
Status: Closed
Priority: Minor
Resolution: Fixed
Affects Version/s: 3.3.2
Fix Version/s: 3.4
Component/s: Web Services
Labels:

Affected Branches:
MOODLE_33_STABLE
Fixed Branches:
MOODLE_34_STABLE
Pull from Repository:
git://github.com/jleyva/moodle.git
Pull Master Branch:
~~MDL-60302~~-master
Pull Master Diff URL:
https://github.com/jleyva/moodle/compare/23ab0d7788...MDL-60302-master
Testing Instructions:
Hide

As admin, enable "Mobile services": Site administration ► Mobile app ► Mobile settings

Create a Token in the mobile app service for one user:

Click on Site administration ► Plugins ► Web services ► Manage tokens

Unzip the attached zip file

Edit the unzipped js/script.js file, look for the line starting by oXHR.open('POST', and change the Moodle URL with your one, replace the token with the token generated in step 2

Open the unzipped index.html in a browser

Upload a file via the index.html form and check that you receive a response similar to the attached expected-response.png (it may change some values like the itemid, filename, contextid, userid)
Show
As admin, enable "Mobile services": Site administration ► Mobile app ► Mobile settings Create a Token in the mobile app service for one user: Click on Site administration ► Plugins ► Web services ► Manage tokens Unzip the attached zip file Edit the unzipped js/script.js file, look for the line starting by oXHR.open('POST', and change the Moodle URL with your one, replace the token with the token generated in step 2 Open the unzipped index.html in a browser Upload a file via the index.html form and check that you receive a response similar to the attached expected-response.png (it may change some values like the itemid, filename, contextid, userid)

Description

It would be good to ad a 'Access-Control-Allow-Origin: *' header in upload.php to allow cross origin requests.

If allowed you could upload files over webservice/upload.php from chrome or firefox.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

expected-response.png
62 kB
05/Oct/17 12:19 AM
javascript-upload-files.zip
6 kB
05/Oct/17 12:18 AM

Issue Links

has a non-specific relationship to

MDL-60424 Allow Cross-Origin requests in webservice/upload.php (backport of MDL-60302)

Closed

Activity

People

Assignee:: Juan Leyva

Reporter:: Nico0302

Peer reviewer:: Dani Palou

Integrator:: Eloy Lafuente (stronk7)

Tester:: Eloy Lafuente (stronk7)

Participants:: CiBoT, Dani Palou, Eloy Lafuente (stronk7), Juan Leyva, Nico0302

Component watchers:: Juan Leyva, David Woloszyn, Huong Nguyen, Jake Dallimore, Meirza, Michael Hawkins, Raquel Ortega, Safat Shahin, Stevani Andolo

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 01/Oct/17 12:36 PM

Updated:: 14/Oct/17 3:09 AM

Resolved:: 14/Oct/17 3:09 AM

Fix Release Date:: 13/Nov/17