Community help

jeremy_hawkins1 · ‎06-24-2025

I couldn't find if this had been asked before and it is most likely because I am not wording the question right.

I have been brought a situation in which a student was dropped from a course but the professor still sees that student showing up when getting page views for that course.

I pulled the page views for the student in question and up to a week after this student was removed from the course they have been hitting urls for assignments and announcements.

The course is not set to public so only students (users) who are enrolled in the course should be able to see anything.

I am wondering if this student isn't trying to hit those pages (the pattern is hitting the same url repetitively every few days.) and getting error messages (You don't have access i.e. 401 Unauthorized status codes). I can't see anywhere within the page view data itself that specifies what status code was sent with that request.

chriscas · ‎06-26-2025

Hi @jeremy_hawkins1,

I just tried to replicate what you think you're seeing in the page views but was unsuccessful. I tried viewing a few things form an account that was unauthorized, which gave me an "access denied" error as expected. I then went to the page views log for that user, and none of the things I had tried to view were listed there... This somewhat confirms what I had always thought about the page views, and this is that it will only show things that were successful...

Now I do have one caveat to the above, which is the mobile app. I didn't want to mess around with my app logins on my real mobile device, and I don't have a spare for testing. If someone is able to do a similar experiment to what I did with the mobile app, that should really help in confirming what is shown in the page views log.

-Chris

jeremy_hawkins1 · ‎06-26-2025

Thanks. That's what the professor was worried about. I didn't think about the mobile app. The student could have been logged into the mobile app before being removed and I suppose that authorization lasts longer than a login session.

I always thought the mobile app used access tokens which shouldn't give a user access they shouldn't have. If I am understanding and thinking about access tokens correctly that is.

Page Views include Error Views

Admin

Partial Credit in Alternative Format Questions

Canvas timing out and dropping login

Course Analytics not currently reporting all data ...

Allow Observers to View Instructor Comments

Canvas integration with React + Flask webapp - in...

Partial Credit in Alternative Format Questions

How to align multiple outcomes to a capstone assig...

How To Make An Assignment's Grades Visible To Stud...

Canvas timing out and dropping login

Colour Blindness

You're signed out

Page Views include Error Views

Community help

View our top guides and resources: