Uploaded image for project: 'Moodle app'
  1. Moodle app
  2. MOBILE-1893

remote addons using directives throw security warnings

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 3.1.3
    • Fix Version/s: 3.2
    • Component/s: Remote addons
    • Labels:
    • Testing Instructions:
      Hide
      1. Download the file attached to this issue (pmatch.zip), uncompress it and copy the folder to your Moodle, inside the folder: question/type.
      2. Login in Moodle as admin and finish the plugin installation.
      3. Create a quiz and add at least 1 pmatch question. It doesn't have to be a valid question. You can check the pmatch documentation to see the answer syntax.
      4. Now login in the app and go to the quiz. Check that you can start a new attempt and that the question is rendered fine (question text and 1 input field).
      Show
      Download the file attached to this issue (pmatch.zip), uncompress it and copy the folder to your Moodle, inside the folder: question/type . Login in Moodle as admin and finish the plugin installation. Create a quiz and add at least 1 pmatch question. It doesn't have to be a valid question. You can check the pmatch documentation to see the answer syntax. Now login in the app and go to the quiz. Check that you can start a new attempt and that the question is rendered fine (question text and 1 input field).
    • Affected Branches:
      MOODLE_31_STABLE
    • Fixed Branches:
      MOODLE_32_STABLE
    • Sprint:
      Moodle Mobile 3.2

      Description

      I'm not 100% sure if this is a bug, some missing documentation or just confusion my part but...

      It appears remote addons can't use directives without triggering security issues.

      Packaging up a module that works when not an addon appears to have issues when packaged.

      Error: [$sce:insecurl] Blocked loading resource from url not allowed by $sceDelegate policy. URL: filesystem:http://localhost:8100/persistent/sites/05af9b4d326c0f5d15bcfd9a026aee74/filepool/remoteaddons/mod_hsuforum_mod_hsuforum/templates/discussionpost.html

      That url is automatically transformed from ''addons/mod/hsuforum/templates/discussionpost.html' as part of the process of creating the remote addon. And the security settings don't seem to like it.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              dpalou Dani Palou
              Reporter:
              bawjaws David Scotson
              Peer reviewer:
              Pau Ferrer
              Integrator:
              Juan Leyva
              Tester:
              Berta Maroto
              Participants:
              Component watchers:
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:
                Fix Release Date:
                12/Dec/16