Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-68098

Adding MathJax to PARAM_TEXT fields make WebServices break

    XMLWordPrintable

    Details

    • Testing Instructions:
      Hide

      Setup

      1. As admin, go to "Site administration ► Plugins ► Filters ► Manage filters".
      2. In the MathJax filter, set the "Active?" option to "On" and the "Apply to" option to "Content and headings".
      3. Using the arrows in the "Order" column, move the MathJax filter to the top.
      4. Go to "Site administration / Appearance / HTML settings".
      5. Disable "Remove HTML tags from all activity names (formatstringstriptags)".
      6. Go to Site Home.
      7. Click the gear icon in the top right and click "Edit settings".
      8. In "Full site name" and "Short name for site" add this text and save:

        $$(a+b)=2$$

      9. Go to "Site administration ► Courses ► Manage courses and categories" and click "Create new course".
      10. In "Course full name" and "Course short name" add this text and save:

        $$(a+b)=2$$

      11. In this course, create a new forum activity with type "Standard forum for general use".
      12. Open the forum created in the previous step and click to add a new discussion. 
      13. In "Subject" and "Message" add this text and save:

        $$(a+b)=2$$

      14. Go to "Site administration ► Users ► Accounts ► Add a new user" and create a new user in the site (not an admin user).
      15. Enrol the user from the previous step in the course created in the previous steps.
      16. Enable "Mobile services": Plugins ► Web Services ► Mobile
      17. Create a WS Token for the user created in the previous steps:
        • Click on Site administration ► Plugins ► Web services ► Manage tokens

      Test

      1. Open a terminal/console and execute the following command:
        • You need to replace the the URL of your moodle instance

          curl 'http://localhost/m/stable_master/lib/ajax/service.php' --data-binary '[{"index":0,"methodname":"tool_mobile_get_public_config","args":{}}]' | python -m "json.tool"
          

      2. Check that this call returns some site info and the "sitename" contains some html (like <span class="filter_mathjaxloader_equation">...).
      3. In the terminal/console, now execute the following command:
        • You need to replace the wstoken with the token created in Setup, the USERID with the id of the user created in Setup and the URL of your moodle instance

          curl 'http://localhost/m/stable_master/webservice/rest/server.php?moodlewsrestformat=json' --data 'wsfunction=core_enrol_get_users_courses&wstoken=WSTOKEN&userid=USERID&moodlewssettingfilter=true&moodlewssettingfileurl=true' | python -m "json.tool"
          

      4. Check that this call returns a list of courses. Check that the list contains the course created in Setup and its "displayname" contains some html (like <span class="filter_mathjaxloader_equation">...).
      5. In the terminal/console, now execute the following command:
        • You need to replace the wstoken with the token created in Setup, the FORUMID with the id of the forum created in Setup (not the course module ID) and the URL of your moodle instance

          curl 'http://localhost/m/stable_master/webservice/rest/server.php?moodlewsrestformat=json' --data 'wsfunction=mod_forum_get_forum_discussions&wstoken=WSTOKEN&forumid=FORUMID&moodlewssettingfilter=true&moodlewssettingfileurl=true' | python -m "json.tool"
          

      6. Check that this call returns a list of discussions. Check that the list contains the discussion created in Setup and its "subject" contains some html (like <span class="filter_mathjaxloader_equation">...).

       
       
       

      Show
      Setup As admin, go to "Site administration ► Plugins ► Filters ► Manage filters". In the MathJax filter, set the "Active?" option to "On" and the "Apply to" option to "Content and headings". Using the arrows in the "Order" column, move the MathJax filter to the top. Go to "Site administration / Appearance / HTML settings". Disable "Remove HTML tags from all activity names (formatstringstriptags)". Go to Site Home. Click the gear icon in the top right and click "Edit settings". In "Full site name" and "Short name for site" add this text and save: $$(a+b)=2$$ Go to "Site administration ► Courses ► Manage courses and categories" and click "Create new course". In "Course full name" and "Course short name" add this text and save: $$(a+b)=2$$ In this course, create a new forum activity with type "Standard forum for general use". Open the forum created in the previous step and click to add a new discussion.  In "Subject" and "Message" add this text and save: $$(a+b)=2$$ Go to "Site administration ► Users ► Accounts ► Add a new user" and create a new user in the site (not an admin user). Enrol the user from the previous step in the course created in the previous steps. Enable "Mobile services": Plugins ► Web Services ► Mobile Create a WS Token for the user created in the previous steps: Click on Site administration ► Plugins ► Web services ► Manage tokens Test Open a terminal/console and execute the following command: You need to replace the the URL of your moodle instance curl 'http://localhost/m/stable_master/lib/ajax/service.php' --data-binary '[{"index":0,"methodname":"tool_mobile_get_public_config","args":{}}]' | python -m "json.tool" Check  that this call returns some site info and the "sitename" contains some html (like <span class="filter_mathjaxloader_equation"> ...). In the terminal/console, now execute the following command: You need to replace the wstoken with the token created in Setup, the USERID with the id of the user created in Setup and the URL of your moodle instance curl 'http://localhost/m/stable_master/webservice/rest/server.php?moodlewsrestformat=json' --data 'wsfunction=core_enrol_get_users_courses&wstoken=WSTOKEN&userid=USERID&moodlewssettingfilter=true&moodlewssettingfileurl=true' | python -m "json.tool" Check  that this call returns a list of courses. Check that the list contains the course created in Setup and its "displayname" contains some html (like <span class="filter_mathjaxloader_equation"> ...). In the terminal/console, now execute the following command: You need to replace the wstoken with the token created in Setup, the FORUMID with the id of the forum created in Setup (not the course module ID) and the URL of your moodle instance curl 'http://localhost/m/stable_master/webservice/rest/server.php?moodlewsrestformat=json' --data 'wsfunction=mod_forum_get_forum_discussions&wstoken=WSTOKEN&forumid=FORUMID&moodlewssettingfilter=true&moodlewssettingfileurl=true' | python -m "json.tool" Check  that this call returns a list of discussions. Check that the list contains the discussion created in Setup and its "subject" contains some html (like <span class="filter_mathjaxloader_equation"> ...).      
    • Affected Branches:
      MOODLE_38_STABLE
    • Fixed Branches:
      MOODLE_38_STABLE, MOODLE_39_STABLE
    • Pull from Repository:
    • Pull 3.8 Branch:
    • Pull 3.9 Branch:
    • Pull 3.10 Branch:
      MDL-68098-310
    • Pull Master Branch:
      MDL-68098-master

      Description

      Example on how to reproduce it:

      1. As admin, enable MathJax and allow it to be applied to "Content and headings".
      2. In a forum, create a new post and put some MathJax in the subject (e.g. $$(a+b)=2$$).
      3. Now call the WebService mod_forum_get_forum_discussions with the forumid of the forum used before. You will get an "Invalid response value" exception.

      The forum subject is PARAM_TEXT, and the text "$$(a+b)=2$$" is a valid text. However, by default WebServices filter the content before returning it, and the MathJax filter adds HTML to the subject. The WebService defines this field as PARAM_TEXT too (like the form field), so the type is invalid because it includes HTML.

      This seems to affect several WebServices. E.g. if you add MathJax to a course name you break the WebService core_enrol_get_users_courses (and probably some others like mod_assign_get_assignments).

        Attachments

        1. MDL-68098_setup.jpg
          MDL-68098_setup.jpg
          22 kB
        2. MDL-68098_step#2.jpg
          MDL-68098_step#2.jpg
          52 kB
        3. test_result.png
          test_result.png
          207 kB

          Activity

            People

            Assignee:
            dpalou Dani Palou
            Reporter:
            dpalou Dani Palou
            Peer reviewer:
            Simey Lameze
            Integrator:
            Sara Arjona (@sarjona)
            Tester:
            Anna Carissa Sadia
            Participants:
            Component watchers:
            Amaia Anabitarte, Carlos Escobedo, Ferran Recio, Sara Arjona (@sarjona), Juan Leyva, Amaia Anabitarte, Carlos Escobedo, Ferran Recio, Sara Arjona (@sarjona)
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:
              Fix Release Date:
              9/Nov/20

                Time Tracking

                Estimated:
                Original Estimate - 0 minutes
                0m
                Remaining:
                Remaining Estimate - 0 minutes
                0m
                Logged:
                Time Spent - 1 week, 1 day, 3 hours, 10 minutes
                1w 1d 3h 10m