[Building Sakai] IMS LTI

Matthew Jones matthew at longsight.com
Tue Oct 2 08:50:25 PDT 2012 

This is true, but if the user initiates the popup then it's not blocked,
this is fixed in BLTI-112 <https://jira.sakaiproject.org/browse/BLTI-112> so
at least helps the problem.

Dr. Chuck and others are planning on replacing/updating Web Content as a
portlet for 2.10 (https://jira.sakaiproject.org/browse/SAK-12563) mostly
because most big sites are doing a "X-Frame-Options SAMEORIGIN" nowadays.
This is a bigger problem for most users than http/https.

On Tue, Oct 2, 2012 at 11:43 AM, Adam Marshall <adam.marshall at it.ox.ac.uk>wrote:

>  I am told that when one selects the ‘popup’ option it opens in one of
> those pop-ups that Browsers routinely block. This is no good for us.****
>
> ** **
>
> We are halfway through some work to open web content popups in an
> iframeless new window for access/student users only. Maintainers still get
> the iframe version with the options link. ****
>
> ** **
>
> I’m happy for the LTI pop-up option to be manually configured and to open
> in a ‘proper’ new window (cf Web Content).****
>
> ** **
>
> I suppose an auto-version would be better and as check says, Sakai knows
> its own protocol and the protocol of the target website . LTI tool so could
> do whizzy things behind the scene.****
>
> ** **
>
> adam****
>
> ** **
>
> *From:* Matthew Jones [mailto:matthew at longsight.com]
> *Sent:* 01 October 2012 17:47
> *To:* Adam Marshall
> *Cc:* Sakai Developers
> *Subject:* Re: [Building Sakai] IMS LTI****
>
> ** **
>
> Not too sure what you mean?****
>
> ** **
>
> BLTI 1.3+ supports popup option (
> https://jira.sakaiproject.org/browse/BLTI-77). Otherwise you would get
> this warning unless the provider had an SSL version of their site too. It
> seems insecure if they didn't, and SSL certs are super inexpensive.
>
> You might also be able to do something to proxy the content if you can't
> get the provider to provide an SSL version.****
>
> ** **
>
> On Mon, Oct 1, 2012 at 12:32 PM, Adam Marshall <adam.marshall at it.ox.ac.uk>
> wrote:****
>
> We have users complaining about mixed content warning when they link to
> their favourite http learning application from within our https sakai
> deployment.
>
> Has anybody done anything about this locally, ie, opening the tool in a
> pop-up window. I understand this is a little tricky as LTI uses JSR-168
> portlets?
>
> adam
>
> --
> Dr A C Marshall, WebLearn Service Manager, IT Services, University of
> Oxford.
>
>
>
> _______________________________________________
> sakai-dev mailing list
> sakai-dev at collab.sakaiproject.org
> http://collab.sakaiproject.org/mailman/listinfo/sakai-dev
>
> TO UNSUBSCRIBE: send email to
> sakai-dev-unsubscribe at collab.sakaiproject.org with a subject of
> "unsubscribe"****
>
> ** **
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://collab.sakaiproject.org/pipermail/sakai-dev/attachments/20121002/75beb19d/attachment.html

More information about the sakai-dev mailing list