Regarding the upcoming samesite cookies Chrome changes discussed in the developer's group -SameSite Cookies and Canvas How are you all testing your external vendor LTIs and what have you found so far? We have been testing and reaching out to vendors individually - something that doesn't seem very efficient!
So far we have found the following updates:
BlueJeans - updated recently to accommodate the Chrome 80 cookie behaviour change
ProcktorTrak - updated recently to accommodate the Chrome 80 cookie behaviour change
Kaltura - updated recently to accommodate the Chrome 80 cookie behaviour change
Box - committed to updating but hasn't yet
Piazza - updated recently to accommodate the Chrome 80 cookie behaviour change
@tami_salz what a great idea to share what we're hearing from suppliers! Here's what I have so far:
Echo 360 seems to have been updated recently to work, which is comforting.
Still not fully working for us:
We're contacting each Vendor/3rd party. Many seem to say it'll be sewn-up this weekend...
Respondus (LockDown Browser Integration)
Studio (which is odd... it being from Instructure...)
Threadz (self hosted)
We have tested and contacted the following vendors:
One other note for those who might have missed it:
February, 2020: Enforcement rollout for Chrome 80 Stable: The SameSite-by-default and SameSite=None-requires-Secure behaviors will begin rolling out to Chrome 80 Stable for an initial limited population starting the week of February 17, 2020, excluding the US President’s Day holiday on Monday. We will be closely monitoring and evaluating ecosystem impact from this initial limited phase through gradually increasing rollouts.
Chrome 80: There is a 50% chance that the new SameSite rules are active in your browser, ONLY if you are using Chrome 80 Canary, Dev, or Beta. Upon the release of Chrome 80 Stable, the new SameSite behavior will be rolled out to Chrome 80 Stable users as specified in the timeline above. Chrome 80 users on other channels (Canary, Dev, Beta) will also receive the new SameSite behavior at that time.
So hopefully it won't be immediately impactful unless you're running beta, dev or canary.
This is what we have at MU Columbia:
|Kaltura||Fail (vendor working on a fix)|
|Lockdown Browser instructor interface||Pass|
|Starfish||Pass/Fail (Depends on where it's launched from)|
|Turnitin Feedback Studio||Pass|
|Turnitin Plagiarism Framework||Pass|
|Zoom||Fails but prompts user to open a new window/tab|
Thank you for the excellent list! Can you tell me more about what in Kaltura isn't working?
When testing Kaltura, did you test with Chrome 79 and the two settings turned on, or with Chrome 80 and the two settings turned on?
These are the settings I'm referring to:
We tested Kaltura today with Chrome 80 and the two flags enabled, and it appears to be working ok now.