Uploaded image for project: 'Moodle app'
  1. Moodle app
  2. MOBILE-3853

Issue with loading GO1 Scorm

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Open
    • Priority: Minor
    • Resolution: Unresolved
    • Affects Version/s: 3.9.4, 3.9.5
    • Fix Version/s: None
    • Component/s: SCORM add-on
    • Labels:
      None
    • Affected Branches:
      MOODLE_39_STABLE

      Description

      Hi Guys,

      We have an issue when trying to display a GO1 scorm package in both Moodle workplace mobile and standard Moodle mobile App.

      Using https://workplace.apps.moodledemo.net/

      we get an error like :

      **********

      Content Security Policy of your site blocks some resources
      Some resources are blocked because their origin is not listed in your site's Content Security Policy (CSP). Your site's CSP is allowlist-based, so resources must be listed in the allowlist in order to be accessed.
      A site's Content Security Policy is set either as via an HTTP header (recommended), or via a meta HTML tag.
      To fix this issue do one of the following:
      (Recommended) If you're using an allowlist for 'script-src', consider switching from an allowlist CSP to a strict CSP, because strict CSPs are more robust against XSS . See how to set a strict CSP .
      Or carefully check that all of the blocked resources are trustworthy; if they are, include their sources in the CSP of your site. ⚠️Never add a source you don't trust to your site's CSP. If you don't trust the source, consider hosting resources on your own site instead.
      1 directive
      Resource Status Directive Source Location
      https://cdn.go1static.com/assets/scorm/service.js blocked script-src-elem

      *********

      and the content of the js script is something like:

      (function () { var server; if (typeof ScormPackage_Value.env !== 'undefined') { if (ScormPackage_Value.env === 'dev')

      { server = 'https://api-dev.go1.co/scorm/'; }

      else if (ScormPackage_Value.env === 'qa') { server = 'https://api.qa.go1.cloud/scorm/'; } } else { server = 'https://api.go1.co/scorm/'; } var stag = document.createElement("script"); stag.type = "text/javascript"; stag.src = server + "course/service?token=" + ScormPackage_Value.token + "&version=" + ScormPackage_Value.version; (document.head || document.getElementsByTagName('head')[0]).appendChild(stag); })();

      Is there any way to get around this error?  Is it a moodle issue or rather a scorm publisher issue?

      Thanks!

        Attachments

          Activity

            People

            Assignee:
            Unassigned Unassigned
            Reporter:
            dman2 Dorel Manolescu
            Participants:
            Component watchers:
            Votes:
            1 Vote for this issue
            Watchers:
            3 Start watching this issue

              Dates

              Created:
              Updated: