Fix checks to match with core handling for allowframeemedding #425

keevan · 2021-08-19T01:10:30Z

Closes #424

https://github.com/moodle/moodle/blob/036800d99debfe61dde45f61292bc5ad44ab7cb0/lib/weblib.php#L2284-L2287
States that it only passes the 'X-Frame-Options: sameorigin' setting if embedding is disabled AND if the user is not loading the page from the app.

    // The Moodle app must be allowed to embed content always.
    if (empty($CFG->allowframembedding) && !core_useragent::is_moodle_app()) {
        @header('X-Frame-Options: sameorigin');
    }

Tested using the official Moodle app, pointing to a local instance

lib/weblib.php:2285 states that it only passes the 'X-Frame-Options: sameorigin' setting if embedding is disabled AND if the user is not loading the page from the app.

Fix checks to match with core handling for allowframeemedding

0d4b125

lib/weblib.php:2285 states that it only passes the 'X-Frame-Options: sameorigin' setting if embedding is disabled AND if the user is not loading the page from the app.

keevan force-pushed the add-condition-change-for-frame-embedding-support branch from da394f4 to 0d4b125 Compare August 19, 2021 01:45

keevan mentioned this pull request Aug 19, 2021

Fix checks to match with core handling for allowframeemedding catalyst/moodle-mod_hvp#15

Merged

eloquenza mentioned this pull request Jan 30, 2024

Content not showing in moodle mobile app #483

Open

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Fix checks to match with core handling for allowframeemedding #425

Fix checks to match with core handling for allowframeemedding #425

keevan commented Aug 19, 2021 •

edited

Loading

Fix checks to match with core handling for allowframeemedding #425

Are you sure you want to change the base?

Fix checks to match with core handling for allowframeemedding #425

Conversation

keevan commented Aug 19, 2021 • edited Loading

keevan commented Aug 19, 2021 •

edited

Loading