Loading...

XML

Word

Printable

Type: Bug
Resolution: Unresolved
Priority: Minor
Fix Version/s: None
Affects Version/s: 3.5.8, 3.5.11, 3.6.5, 3.6.9, 3.7.2, 3.7.5, 3.8.2, 3.9.2, 4.1, 4.2, 4.4
Component/s: Administration, Authentication, Dashboard (My home)
Labels:

Affected Branches:
MOODLE_35_STABLE, MOODLE_36_STABLE, MOODLE_37_STABLE, MOODLE_38_STABLE, MOODLE_39_STABLE, MOODLE_401_STABLE, MOODLE_402_STABLE, MOODLE_404_STABLE

To recreate

Embed a youtube video on the course page
Note that the video is showing
Login as another user in the course with the "Login as" button
Note that the video is not showing

Same thing occur in Book and other resources and activities.

Update by MH: We apply forceclean to 'login as' sessions to prevent JavaScript risks from untrusted content (such as students' dashboards), but there needs to be further investigation into whether it's: 1) possible and 2) safe, to apply this sanitizing only on the pages where it is required, so that teachers can still see "trusted" content (such as iframes and JavaScript included by teachers within a course) when logging in as their students.

has a non-specific relationship to

MDL-65372 Additional div defined in theme HTML is stripped out only when using 'Log in as'

Open

has been marked as being related by

MDL-75042 Label caches embedded content incorrectly

Closed

Assignee:: Unassigned

Reporter:: Peter Diedrichs

Participants:: Daniel Kristian Steffensen, Gemma Lesterhuis, Janelle Barcega, John Provasnik, Mathew Gancarz, Michael Hawkins, Michael Hughes, Peter Diedrichs, Robert Toth, Tom Dixon, Troy Williams

Votes:: 27 Vote for this issue

Watchers:: 25 Start watching this issue

Created:: 23/Aug/19 7:56 PM

Updated:: 09/May/24 4:45 PM

Details

Description

Attachments

Issue Links

Activity

People

Dates

Clockify