The user agent string sent by Firefox 17 is different in Moodle and
Mahara.
Mozilla developers changed the user agent string in Firefox 17, but this
caused problems in Moodle 1.9, so they implemented a workaround. See
this Mozilla bug: https://bugzilla.mozilla.org/show_bug.cgi?id=799502
** Bug
Hi Melissa,
Dan (from Moodle) here. Unfortunately the firefox 'solution' for this
can't determine if the Moodle site is 'fixed' or not, so its non-
deterministic and so will be presenting the wrong useragent all the time
(unless the user has disabled the about:config setting:
Oops, missed 2.1 off that list.
--
You received this bug notification because you are a member of Mahara
Contributors, which is subscribed to Mahara.
https://bugs.launchpad.net/bugs/1082416
Title:
XMLRPC with Firefox 17.0 not possible
Status in Mahara ePortfolio:
Confirmed
Bug
This is really a tricky one.
Perhaps we could map out the various combinations of Moodle/Mahara and
the situation/workarounds for each?
--
You received this bug notification because you are a member of Mahara
Contributors, which is subscribed to Mahara.
https://bugs.launchpad.net/bugs/1082416
To be clear: even if your moodle is upgraded, firefox will still be
sending the 'old-style' user agent string.
--
You received this bug notification because you are a member of Mahara
Contributors, which is subscribed to Mahara.
https://bugs.launchpad.net/bugs/1082416
Title:
XMLRPC with
Another solution (requiring that sites only upgrade Moodle) is that
Moodle MNET code transforms the hacked version of Firefox 17+:
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:17.0) Gecko/20100101
Firefox/17.0
to the unhacked version before sending the hash to Mahara:
Mozilla/5.0 (Macintosh;
Perhaps it might be worth stepping back for a moment and asking what
security value there is in checking that Moodle and Mahara receive the
same User Agent string? Given that this string can be spoofed either by
the user agent itself or by a proxy, so that it can be made to match or
not match as a
Hi Gerv,
From a web application perspective, getting users to upgrade their
websites is hard. Really hard.
As Dan and Martin have pointed out, there are loads of schools admins
rocking in corners clutching their precious Moodle 1.9, and likewise
there are admins doing the same with Mahara 1.2.
Dan,
i´m running the latest Moodle 2.3.3 build. You wrote that a fix should already
be implemented in the latest Moodle builds.
Did i get something wrong here?
Gerv,
i have to agree with Melissa. You won´t get the Admins to upgrade their Moodle
or Mahara Installation to a major new release
I agree with going for everything at once:
- implementing the hack fix to ignore the hash (or transform the useragent)
in Moodle
- implementing the hack fix to ignore the hash (or transform the useragent)
in Mahara
- providing a nice little patch for people who can't actually upgrade (and
Public bug reported:
When an admin is on User search, he can search for users of an
institution, but does not see which authentication method they use. If
you have multiple auth methods set up and you need to change users from
one to another, you would have to go into each account to find out the
This bug relates to many pages and heavy uses of javascript for
rendering and manage the table (using old 'tablerenderer').
** Changed in: mahara
Status: Triaged = In Progress
--
You received this bug notification because you are a member of Mahara
Contributors, which is subscribed to
I have patches for both moodle and mahara that is essentially an ignore
of the useragent at the exact point of checking the session.
I'm reluctant to rip all of the useragent code out up front as there may
be other things intertwined.
** Patch added: Mahara patch
Moodle patch. what's the moodle patch procedure?
** Patch added: Moodle patch
https://bugs.launchpad.net/mahara/+bug/1082416/+attachment/3444522/+files/0001-Fix-for-moodle-mahara-mnet-jumping-in-Firefox-17-MDL.patch
--
You received this bug notification because you are a member of Mahara
https://reviews.mahara.org/#/c/1885/
--
You received this bug notification because you are a member of Mahara
Contributors, which is subscribed to Mahara.
https://bugs.launchpad.net/bugs/1082416
Title:
XMLRPC with Firefox 17.0 not possible
Status in Mahara ePortfolio:
Confirmed
Bug
Review for the patches says they are incomplete. Will upload fixed ones
later
--
You received this bug notification because you are a member of Mahara
Contributors, which is subscribed to Mahara.
https://bugs.launchpad.net/bugs/1082416
Title:
XMLRPC with Firefox 17.0 not possible
Status in
@Melissa:
So while it's a nice thought that we could use this to force them to upgrade,
for many of them the changes in the systems between 1.9/1.2 and 2.3/1.6 can
involve retraining rather non-technical staff which is likely to build
resentment towards the projects.
To be clear, the fix
Reviewed: https://reviews.mahara.org/1851
Committed:
http://gitorious.org/mahara/mahara/commit/bbc0adb0eca34fd171da5f78e933599944648b71
Submitter: Melissa Draper (meli...@catalyst.net.nz)
Branch:master
commit bbc0adb0eca34fd171da5f78e933599944648b71
Author: Melissa Draper
18 matches
Mail list logo