Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-68098

Adding MathJax to PARAM_TEXT fields make WebServices break

    XMLWordPrintable

Details

    • MOODLE_38_STABLE
    • MOODLE_38_STABLE, MOODLE_39_STABLE
    • MDL-68098-master
    • Hide

      Setup

      1. As admin, go to "Site administration ► Plugins ► Filters ► Manage filters".
      2. In the MathJax filter, set the "Active?" option to "On" and the "Apply to" option to "Content and headings".
      3. Using the arrows in the "Order" column, move the MathJax filter to the top.
      4. Go to "Site administration / Appearance / HTML settings".
      5. Disable "Remove HTML tags from all activity names (formatstringstriptags)".
      6. Go to Site Home.
      7. Click the gear icon in the top right and click "Edit settings".
      8. In "Full site name" and "Short name for site" add this text and save:

        $$(a+b)=2$$

      9. Go to "Site administration ► Courses ► Manage courses and categories" and click "Create new course".
      10. In "Course full name" and "Course short name" add this text and save:

        $$(a+b)=2$$

      11. In this course, create a new forum activity with type "Standard forum for general use".
      12. Open the forum created in the previous step and click to add a new discussion. 
      13. In "Subject" and "Message" add this text and save:

        $$(a+b)=2$$

      14. Go to "Site administration ► Users ► Accounts ► Add a new user" and create a new user in the site (not an admin user).
      15. Enrol the user from the previous step in the course created in the previous steps.
      16. Enable "Mobile services": Plugins ► Web Services ► Mobile
      17. Create a WS Token for the user created in the previous steps:
        • Click on Site administration ► Plugins ► Web services ► Manage tokens

      Test

      1. Open a terminal/console and execute the following command:
        • You need to replace the the URL of your moodle instance

          curl 'http://localhost/m/stable_master/lib/ajax/service.php' --data-binary '[{"index":0,"methodname":"tool_mobile_get_public_config","args":{}}]' | python -m "json.tool"
          

      2. Check that this call returns some site info and the "sitename" contains some html (like <span class="filter_mathjaxloader_equation">...).
      3. In the terminal/console, now execute the following command:
        • You need to replace the wstoken with the token created in Setup, the USERID with the id of the user created in Setup and the URL of your moodle instance

          curl 'http://localhost/m/stable_master/webservice/rest/server.php?moodlewsrestformat=json' --data 'wsfunction=core_enrol_get_users_courses&wstoken=WSTOKEN&userid=USERID&moodlewssettingfilter=true&moodlewssettingfileurl=true' | python -m "json.tool"
          

      4. Check that this call returns a list of courses. Check that the list contains the course created in Setup and its "displayname" contains some html (like <span class="filter_mathjaxloader_equation">...).
      5. In the terminal/console, now execute the following command:
        • You need to replace the wstoken with the token created in Setup, the FORUMID with the id of the forum created in Setup (not the course module ID) and the URL of your moodle instance

          curl 'http://localhost/m/stable_master/webservice/rest/server.php?moodlewsrestformat=json' --data 'wsfunction=mod_forum_get_forum_discussions&wstoken=WSTOKEN&forumid=FORUMID&moodlewssettingfilter=true&moodlewssettingfileurl=true' | python -m "json.tool"
          

      6. Check that this call returns a list of discussions. Check that the list contains the discussion created in Setup and its "subject" contains some html (like <span class="filter_mathjaxloader_equation">...).

       
       
       

      Show
      Setup As admin, go to "Site administration ► Plugins ► Filters ► Manage filters". In the MathJax filter, set the "Active?" option to "On" and the "Apply to" option to "Content and headings". Using the arrows in the "Order" column, move the MathJax filter to the top. Go to "Site administration / Appearance / HTML settings". Disable "Remove HTML tags from all activity names (formatstringstriptags)". Go to Site Home. Click the gear icon in the top right and click "Edit settings". In "Full site name" and "Short name for site" add this text and save: $$(a+b)=2$$ Go to "Site administration ► Courses ► Manage courses and categories" and click "Create new course". In "Course full name" and "Course short name" add this text and save: $$(a+b)=2$$ In this course, create a new forum activity with type "Standard forum for general use". Open the forum created in the previous step and click to add a new discussion.  In "Subject" and "Message" add this text and save: $$(a+b)=2$$ Go to "Site administration ► Users ► Accounts ► Add a new user" and create a new user in the site (not an admin user). Enrol the user from the previous step in the course created in the previous steps. Enable "Mobile services": Plugins ► Web Services ► Mobile Create a WS Token for the user created in the previous steps: Click on Site administration ► Plugins ► Web services ► Manage tokens Test Open a terminal/console and execute the following command: You need to replace the the URL of your moodle instance curl 'http://localhost/m/stable_master/lib/ajax/service.php' --data-binary '[{"index":0,"methodname":"tool_mobile_get_public_config","args":{}}]' | python -m "json.tool" Check  that this call returns some site info and the "sitename" contains some html (like <span class="filter_mathjaxloader_equation"> ...). In the terminal/console, now execute the following command: You need to replace the wstoken with the token created in Setup, the USERID with the id of the user created in Setup and the URL of your moodle instance curl 'http://localhost/m/stable_master/webservice/rest/server.php?moodlewsrestformat=json' --data 'wsfunction=core_enrol_get_users_courses&wstoken=WSTOKEN&userid=USERID&moodlewssettingfilter=true&moodlewssettingfileurl=true' | python -m "json.tool" Check  that this call returns a list of courses. Check that the list contains the course created in Setup and its "displayname" contains some html (like <span class="filter_mathjaxloader_equation"> ...). In the terminal/console, now execute the following command: You need to replace the wstoken with the token created in Setup, the FORUMID with the id of the forum created in Setup (not the course module ID) and the URL of your moodle instance curl 'http://localhost/m/stable_master/webservice/rest/server.php?moodlewsrestformat=json' --data 'wsfunction=mod_forum_get_forum_discussions&wstoken=WSTOKEN&forumid=FORUMID&moodlewssettingfilter=true&moodlewssettingfileurl=true' | python -m "json.tool" Check  that this call returns a list of discussions. Check that the list contains the discussion created in Setup and its "subject" contains some html (like <span class="filter_mathjaxloader_equation"> ...).      

    Description

      Example on how to reproduce it:

      1. As admin, enable MathJax and allow it to be applied to "Content and headings".
      2. In a forum, create a new post and put some MathJax in the subject (e.g. $$(a+b)=2$$).
      3. Now call the WebService mod_forum_get_forum_discussions with the forumid of the forum used before. You will get an "Invalid response value" exception.

      The forum subject is PARAM_TEXT, and the text "$$(a+b)=2$$" is a valid text. However, by default WebServices filter the content before returning it, and the MathJax filter adds HTML to the subject. The WebService defines this field as PARAM_TEXT too (like the form field), so the type is invalid because it includes HTML.

      This seems to affect several WebServices. E.g. if you add MathJax to a course name you break the WebService core_enrol_get_users_courses (and probably some others like mod_assign_get_assignments).

      Attachments

        1. MDL-68098_setup.jpg
          MDL-68098_setup.jpg
          22 kB
        2. MDL-68098_step#2.jpg
          MDL-68098_step#2.jpg
          52 kB
        3. test_result.png
          test_result.png
          207 kB

        Activity

          People

            dpalou Dani Palou
            dpalou Dani Palou
            Simey Lameze Simey Lameze
            Sara Arjona (@sarjona) Sara Arjona (@sarjona)
            Anna Carissa Sadia Anna Carissa Sadia
            Votes:
            0 Vote for this issue
            Watchers:
            6 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Time Tracking

                Estimated:
                Original Estimate - 0 minutes
                0m
                Remaining:
                Remaining Estimate - 0 minutes
                0m
                Logged:
                Time Spent - 1 week, 1 day, 3 hours, 10 minutes
                1w 1d 3h 10m

                Clockify

                  Error rendering 'clockify-timesheets-time-tracking-reports:timer-sidebar'. Please contact your Jira administrators.