Showing results for 
Search instead for 
Did you mean: 
Community Participant

Clicking Back Button After LTI 1.3 Launch Throws Error

I have found that clicking the browser's Back button after a LTI 1.3 tool launch throws an error.  The sequence looks like the following:

[ User clicks LTI tool link in the Modules area ]
1. GET https://{canvas_domain}/courses/1/modules/items/62
2. POST https://{tool_domain}/{lti_login_path}
3. GET https://{canvas_domain}/api/lti/authorize_redirect?{qs_params}
4. GET https://{canvas_domain}/api/v1/courses/1/module_item_sequence?asset_type=ModuleItem&asset_id=62&frame_external_urls=true
5. GET https://{canvas_domain}/api/lti/authorize?{qs_params}
6. POST https://{tool_domain}/{lti_launch_path}

[ User clicks the browser's Back button ]
7. GET https://{canvas_domain}/api/lti/authorize?{qs_params}

The GET when the user clicks the Back button in step 7 matches the request in step 5, but it now returns a 500 response code rather than a 200.  The following JSON is displayed in Canvas:

while(1);{"errors":[{"message":"An error occurred.","error_code":"internal_server_error"}],"error_report_id":7477}

The full error report is too large to post here, but the associated error thrown is:

Nil is not a valid JSON source
/opt/bitnami/apps/canvaslms/htdocs/app/controllers/lti/ims/authentication_controller.rb:110:in `parse'
/opt/bitnami/apps/canvaslms/htdocs/app/controllers/lti/ims/authentication_controller.rb:110:in `cached_launch_with_nonce'
/opt/bitnami/apps/canvaslms/htdocs/app/controllers/lti/ims/authentication_controller.rb:121:in `id_token'
/opt/bitnami/apps/canvaslms/htdocs/app/controllers/lti/ims/authentication_controller.rb:56:in `authorize'

I am not overly concerned about this behavior as I suspect its not specific to our tool. I am looking for confirmation this is expected,and that there is no "trick" to either fix the behavior or otherwise improve the UX.


Labels (2)
0 Kudos
0 Replies