OpenOlat 19.0.x: Unexpected bevhaviour during Test

39 views
Skip to first unread message

Carol Vladani

unread,
Sep 21, 2024, 5:53:00 AM9/21/24
to OpenOlat
Since the update to OpenOlat 19.0.x, I have had the problem that users receive an unusual error message while a test is running if they enter data in a test task but do not save the tasks. They then always receive the following error message. The indication ‘Unsaved data’ is correct, but the indication ‘You have been logged off’ makes no sense here, especially as the message appears regardless of how long a task has been worked on. A timeout can therefore be ruled out.

Sie wurden abgemeldet

Aus Sicherheitsgründen werden Sie nach einer längeren Zeit ohne Aktivität oder einem Neustart der Applikation automatisch abgemeldet.

Ungespeicherte Daten

Falls Sie ungespeicherte Daten haben, kehren Sie auf die Seite zurück und speichern Sie die Daten in die Zwischenablage. Nicht gespeicherte Daten gehen bei einem erneuten Login verloren.

Florian Gnägi

unread,
Sep 23, 2024, 2:49:59 AM9/23/24
to open...@googlegroups.com
Hi Carol

Make sure you do not have any invalid references in your test. E.g. images with invalid URLs that lead to a redirect to the login screen which in turn leads to a logout. One way to find such an image is to open the inspector in the browser and see which resource could not be found. 

Cheers
Florian

--
--
Sie erhalten diese Nachricht, weil Sie Mitglied sind von Google
Groups-Gruppe "OpenOlat".
Für das Erstellen von Beiträgen in dieser Gruppe senden Sie eine E-Mail
an open...@googlegroups.com
Um sich von dieser Gruppe abzumelden, senden Sie eine E-Mail an
openolat+u...@googlegroups.com
Weitere Optionen finden Sie in dieser Gruppe unter
http://groups.google.com/group/openolat?hl=de
-------------------------------------------------------------------------------------------------------------------
OpenOlat - infinite learning - http://www.openolat.org
---
You received this message because you are subscribed to the Google Groups "OpenOlat" group.
To unsubscribe from this group and stop receiving emails from it, send an email to openolat+u...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/openolat/f0f728e3-33b5-46d7-80d4-4d73a4c3d4bcn%40googlegroups.com.

--------------------------------------------------------------------
professional services for the e-learning system OpenOlat
hosting - operating - support - development - mobile - consulting
--------------------------------------------------------------------
frentix  GmbH
Florian Gnägi, Geschäftsführer
Okenstrasse 6
CH-8037 Zürich, Switzerland


Find me on mastodon linkedin 
--------------------------------------------------------------------



Message has been deleted
Message has been deleted

Carol Vladani

unread,
Sep 24, 2024, 2:22:47 AM9/24/24
to OpenOlat
Thanks for the tip. In this case, the programme seems to be trying to send a request via an insecure connection:

[Error] The Content Security Policy directive 'frame-ancestors' is ignored when delivered in a report-only policy.
[Error] [Report Only] Refused to connect to http://bildungssprache.ddns.net/sessionchecker/ because it does not appear in the connect-src directive of the Content Security Policy.
[Error] Not allowed to request resource
send (jquery-3.7.0.min.js:2:80569)
ajax (jquery-3.7.0.min.js:2:76111)
o_showFormDirtyDialog (js.plugins.min.js:215)
o_ffXHREvent (js.plugins.min.js:217:149)
onclick (7077888:541)
[Error] XMLHttpRequest cannot load http://bildungssprache.ddns.net/sessionchecker/ due to access control checks.
send (jquery-3.7.0.min.js:2:80569)
ajax (jquery-3.7.0.min.js:2:76111)
o_showFormDirtyDialog (js.plugins.min.js:215)
o_ffXHREvent (js.plugins.min.js:217:149)
onclick (7077888:541)

Carol Vladani

unread,
Sep 24, 2024, 2:22:47 AM9/24/24
to OpenOlat
Dear Florian

Thank you very much for your quick reply. Are you assuming that this is a configuration problem and not a bug in the current release?
The test tasks do not contain any images. The error only occurs if text has been entered and the task is not saved before switching to the next task. If the task is saved, the next task is called up without an error. 

Florian Gnägi schrieb am Montag, 23. September 2024 um 08:49:59 UTC+2:

ca...@vladani.ch

unread,
Sep 24, 2024, 2:22:47 AM9/24/24
to open...@googlegroups.com

Lieber Florian

Vielen Dank für deine schnelle Antwort. Gerne präzisiere ich den Fehler:

Der Fehler tritt nur beim Aufgabentyp «Lückentext» auf und nur dann, wenn im Feld eine Eingabe gemacht wird und dann ohne zu speichern zur nächsten Aufgabe gewechselt wird. Bei anderen Aufgabentypen, oder wenn keine Eingabe gemacht und zur nächsten Aufgabe gewechselt wird, erscheint der Fehler nicht. Der Fehler ist unter den genannten Bedingungen zu 100% reproduzierbar:

[Error] [Report Only] Refused to connect to http://myurl/sessionchecker/ because it does not appear in the connect-src directive of the Content Security Policy.

[Error] Not allowed to request resource

                send (jquery-3.7.0.min.js:2:80569)

                ajax (jquery-3.7.0.min.js:2:76111)

                o_showFormDirtyDialog (js.plugins.min.js:215)

                o_ffXHREvent (js.plugins.min.js:217:149)

                onclick (Skriptelement 1:1)

[Error] XMLHttpRequest cannot load http://myurl/sessionchecker/ due to access control checks.

                send (jquery-3.7.0.min.js:2:80569)

                ajax (jquery-3.7.0.min.js:2:76111)

                o_showFormDirtyDialog (js.plugins.min.js:215)

                o_ffXHREvent (js.plugins.min.js:217:149)

                onclick (Skriptelement 1:1)

[Error] Failed to load resource: the server responded with a status of 403 () (csp, line 0)

 

 

Offenbar scheint der sessionchecker die Anfrage über http statt https zu stellen, was zum Fehler führt.


Ist das ein Konfigurationsproblem auf meiner Seite oder ein Fehler im aktuellen Release?


Beste Grüsse

 

Carol Vladani

 

You received this message because you are subscribed to a topic in the Google Groups "OpenOlat" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/openolat/nPUAKiiJQmw/unsubscribe.
To unsubscribe from this group and all its topics, send an email to openolat+u...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/openolat/CCCE17FF-AC47-4A1A-9A10-AFCFBC16EA0B%40frentix.com.

Florian Gnägi

unread,
Sep 24, 2024, 2:33:53 AM9/24/24
to open...@googlegroups.com
Hi Carol

„sessionchecker“ is not part of the OpenOlat release. Either your system has been infected by some malicious (JS) code or you might have some fancy browser plugin installed that works agains the Content Security Policy configuration of your system. But as you see, the CSP is in „report only“ mode, it does not actually prevent the execution of your sessionchecker, it is just a remark that it would prevent it from working if security was set to a higher standard on your installation. 

The best guess is that your sessionchecker breaks OpenOlat by calling some URL’s that it should not call and thus invalidates the session. 

Cheers
Florian

Florian Gnägi

unread,
Sep 24, 2024, 2:36:26 AM9/24/24
to open...@googlegroups.com
sorry, the sessionchecker is actually from OpenOlat, sorry about that. I will see if I can reproduce the problem somewhen later today. 

Cheers
Florian

Florian Gnägi

unread,
Sep 24, 2024, 3:44:52 AM9/24/24
to open...@googlegroups.com
Are you sure you have configured your system properly?

server.port.ssl=443

the http://myurl suggests that you have some missconfiguration of your system. The „myurl“ must be in your config somewhere. 

Cheers
Florian


Am 23.09.2024 um 14:52 schrieb ca...@vladani.ch:

ca...@vladani.ch

unread,
Sep 24, 2024, 4:59:10 AM9/24/24
to open...@googlegroups.com
Dear Florian
 
First of all: Thank you for your almost immediate reply and helpful support! I was working on the problem yesterday and actually found that the SSL port was set to 0 instead of 443 in the config. It took me a while to figure this out as everything else seemed to be working fine (using nginx as a reverse proxy) so I didn't think it was a configuration problem as it only appeared in the test situation.
 
So I was eventually able to fix it myself, although your remarks were still very helpful.
 
By the way: I've been using Olat for 10 years now - mainly as a university lecturer - and I'm a big fan! I am happy to work on my 'own' OpenOlat for a scientific project.
 
Cheerio 
 
Carol

 

Zitat von 'Florian Gnägi' via OpenOlat <open...@googlegroups.com>:

Reply all
Reply to author
Forward
0 new messages