UDOIT 2.6.0 "Eatonville"

Learner II
3 21 821

This is a critical update for any institutions that run UDOIT on a separate domain from their instance of Canvas, such as the LTI server being "lti.myuniversity.edu" and Canvas being "myuniversity.instructure.com".  This update needs to be applied to keep UDOIT working for Chrome users starting in February.  Check the Chromium Blog for more information.

If you aren't able to update UDOIT to the latest version before February, you can manually fix this issue by inserting this session cookie settings code in config/settings.php immediately after the "define('UDOIT_VERSION',..." line.

Important Note:  If you are upgrading from an existing installation, there are some specific instructions you need to follow.  Refer to the full release notes.

PHP 7.3 Incompatibility:  Unfortunately, due to time constraints, we were still unable to figure out the issue with PHP 7.3 on Heroku.  I would appreciate any help the community can provide testing UDOIT on PHP 7.3 and 7.4 on their "testing", "staging" or "QA" servers.  For more information see Issue 422.

Bugs Fixed

  • The Admin Panel was making multiple calls to the backend #440
  • Hardcoded reports table name #436
  • MariaDB did not like the OFFSET syntax that was compatible with MySQL and PostgreSQL #435
  • Expand/Collapse buttons did not have screen-reader accessible labels #458 (Thanks to UMN and Cidi Labs for reporting this!)
  • Cookie policy did not support soon-to-be-released default settings in Chrome #459 (Thanks again to Cidi Labs for contributing code, and to everyone who contacted me about this!)

Features Added

  • Compatibility with Scoped Developer Keys #406 #453.  Please see the updated Canvas Oauth2 section of the README for more information.
  • Temporarily caching results of YouTube and Vimeo API calls to eliminate redundant calls and reduce API quota usage #360 #455
  • Ability to scan only for Errors, Suggestions, or both #424
  • Ability to ignore unpublished content during scan #423
  • All instances of error_log were converted to use Monolog #412.  This improves error logging, and makes debugging easier.
  • YouTube and Vimeo links in "View the source of this issue" open in a new window #377
  • Detecting the language of video captions and comparing them to the course language setting #360.
  • UFIXIT for "Avoid using styles for document structure" #60
  • Instructions for updating existing Heroku installations #471
Adventurer II

Hi tr_jbates‌, thank you very much for your continued efforts to improve UDOIT. We have been using it for some time and it has been very helpful in making courses accessible. 

We updated UDOIT to 2.5 last year. That version is not able to detect table headers. Is this fixed in 2.6?

Learner II

I received a few reports of table header issues with 2.5, but I was never able to replicate them.  Hopefully 2.6 fixes them for you, but I can't be certain.

Community Coach
Community Coach

Good morning, tr_jbates...

I'm working with mmutz1@morainepark.edu‌ to upgrade to 2.6.0.  We are testing things in our "test" environment before pushing over to "production".  In the "UDOIT Admin" panel screen, when I click on the "Display Results" button within the "Errors" tab to see "Most Common Errors", nothing populates.  The other three tabs work fine.  What kinds of data should we be seeing in the "Errors" tab, and how can we get this to populate?

Learner II

Here's an example of what my development instance shows on the Errors tab after clicking the "Display Results" button:

Screenshot of UDOIT 2.6.0 showing a list of errors with the number of times that error has occurred in scans

It's just a sum of the number of times each error occurs in the latest scan from each course, sorted by highest count first.  Are you getting any database errors in the logs?

Community Member

Is this relevant?

udoit.WARNING: E_WARNING: Invalid argument supplied for foreach() {"code":2,"message":"Invalid argument supplied for foreach()","file":"/u01/apps/udoit/public/api/stats.php","line":96} 

Learner II

I think that error might be caused by the code parsing through old reports.  The code doesn't actually count each error in each scan, rather it relies on the "error_summary" portion of the scan to exist.  If it doesn't exist, you'll see that warning.  I'll put in an issue to deal with this particular situation, but we may be able to get it working for you in the meantime.  Have you run any new UDOIT scans since you updated your test environment?  If not, try scanning a course and going back to the errors tab in the admin panel to see if you get any results.

Adventurer II

We just upgraded to 2.6 and the table header issue remains. Smiley Sad

Learner II

Could you send me some examples of tables where it UDOIT is not detecting table headers?

Community Coach
Community Coach

Hi tr_jbates...

Matt let me know yesterday afternoon that 2.6.0 was ready to test.  Since I got to work this morning, I've probably scanned around 10 courses in our "test" environment, and all of them have scanned successfully.  I've then gone to the "UDOIT Admin" screen, and that's when I've tried to run that report in the "Errors" tab, but nothing populates like what you shared in your earlier screen shot.

Learner II

Does anything show up in the Javascript error console in your browser after clicking the "Display Results" button?

Community Coach
Community Coach

Good morning, tr_jbates...

After checking with Matt, I believe this is the information you'd want to look at.

Chrome JavaScript Console

Learner II

chofer@morainepark.edummutz1@morainepark.edu‌ I believe that error is showing up because the response from the backend is actually a PHP warning instead of the JSON the frontend expects.  I suspect the warning that is being passed from the backend is the same one that Matt found in his error logs.  I have created Issue #481 in the UDOIT repository for this.  The fix should be fairly simple:  verifying that the error_summary field exists in the report before attempting to do something with it.  I expect this fix to appear in 2.6.1, which is slated to be released in the next two weeks.

In the meantime, you can try disabling the display of errors and warnings in your php configuration.  That should let you see the results from the users panel.

Adventurer II

Hi tr_jbates,  below is an example of a table where I used the UFIXIT button to set a table header. The code in the source preview clearly includes the table heading, but the error remains. We are running UDOIT on a Windows server. 

Screen shot of table in UDOIT report


Thanks for all the work on this tool!

We're just beginning to test with a Heroku instance, and I'm trying to lock down the developer key by turning on scoping and enabling the keys listed at  GitHub - ucfopen/UDOIT: The Universal Design Online content Inspection Tool, or UDOIT (pronounced, “... 

  • Assignments
    • url:GET|/api/v1/courses/:course_id/assignments
    • url:GET|/api/v1/courses/:course_id/assignments/:id
    • url:PUT|/api/v1/courses/:course_id/assignments/:id
  • Courses
    • url:PUT|/api/v1/courses/:id
    • url:GET|/api/v1/courses/:id
    • url:POST|/api/v1/courses/:course_id/files
  • Discussion Topics
    • url:GET|/api/v1/courses/:course_id/discussion_topics
    • url:GET|/api/v1/courses/:course_id/discussion_topics/:topic_id
    • url:PUT|/api/v1/courses/:course_id/discussion_topics/:topic_id
  • Files
    • url:GET|/api/v1/courses/:course_id/files
    • url:GET|/api/v1/courses/:course_id/folders/:id
    • url:GET|/api/v1/folders/:id/folders
    • url:GET|/api/v1/folders/:id/files
  • Modules
    • url:GET|/api/v1/courses/:course_id/modules
    • url:GET|/api/v1/courses/:course_id/modules/:module_id/items
  • Pages
    • url:GET|/api/v1/courses/:course_id/pages
    • url:GET|/api/v1/courses/:course_id/pages/:url
    • url:PUT|/api/v1/courses/:course_id/pages/:url
  • Users
    • url:GET|/api/v1/users/:user_id/profile

However, with scoping turned on and the above keys enabled, I'm getting an :"Authentication Problem: Access Denied" message in the LTI tool, and the undoit log includes an error about scope:

"POST /?d=scanner HTTP/1.1" 302 - "https://unomaha.test.instructure.com/courses/22232/external_tools/2411" 
"error=invalid_scope&error_description=A+requested+scope+is+invalid%2C+unknown%2C+malformed%2C+or+exceeds+the+scope+granted+by+the+resource+owner.+The+following+scopes+were+requested%2C+but+not+granted%3A+ HTTP/1.1" 200 968 "https://unomaha.test.instructure.com/courses/22232/external_tools/2411"

I'm looking for a scope that might not have gotten enabled, and have enabled several of the External Tools scopes, but I'm not seeing one for "url:/POST|/api/v1/courses/:course_id/external_keys/:external_tool_id".

Has anyone had luck enabling developer key scoping with a Heroku instance?



Learner II

Thank you for providing this info.  I have created an issue, and we will take a look at it and see if we can replicate what you are seeing.  I may ask you for more information as we explore this further.

Learner II
I tested this thoroughly before launch, and I haven't heard of any issues from other institutions.  If anyone else is having this issue, please reply!
It looks like UDOIT is trying to request a scope that is invalid.  The scopes are requested on Line 60 of the settings.php file.  Please double-check that the `OAUTH2_ENFORCE_SCOPES` config var is set to `true` by going to Heroku.com -> Your UDOIT Instance -> Settings -> Reveal Config Vars.

Thanks, tr_jbates !  It looks like that `OAUTH2_ENFORCE_SCOPES` setting was causing the problem, since it was set to false, and things seem to be working after setting to true and re-enabling scoping.

Much appreciated!

Adventurer II

Hi tr_jbates‌, did you have a chance to look into the table header issue?

Learner II

Yes, but we have not released a fix yet.  This issue has pointed out some deficiencies in how we handle tables, and we are overhauling the table detection and fixing code to handle all the different ways you can structure a table.  We are short-staffed right now, so I can't give an estimate on when that fix will go live, though.

Adventurer II

Jacob, thank you for the update and thank you for your continued support concerning UDOIT. 

Learner II

We may have fixed your issue in UDOIT version 2.6.3!  Please let me know.

About the Author
I'm the Team Lead of the Techrangers, which is a group of part-time students that specialize in course development and software engineering. I'm also the project manager of the UDOIT tool, which is an open source LTI that scans courses for accessibility issues. Check it out at https://cdl.ucf.edu/udoit