We have a number of students who are using Safari to make poor choices so we want to create a white list of websites which are accessible to them, but keep them from searching inappropriate sites. While we can certainly white list Canvas, we are not able to open PDF's due to the routing of other addresses. Can you please help us to keep our students safe while also allowing us to use all the functions of Canvas?
There are many ways to share a PDF could you give us the route that your teachers are using for the most part? Could you share an example? For an example if the teacher is utilizing the storage provided by canvas they should be able to whitelist the root domain (yourschool.instructure.com) and all additional partitions should come through ex: https://yourschool.instructure.com/users/0000/files/00000/preview?verifier=BOSn7ZKyi5bBhfkswuzoKdoZz... But if the teachers are using a third party like Microsoft's 365 stuff or Google Docs or drive to host PDFs that is an entirely different question.
All in all Whitelisting becomes a daily task with many ways to share content there will always be a something to correct so students and teachers can function. Blacklisting might be more feasible and with many automatically generated list (for gaming, porn, malicious, propaganda, etc )it would be less of a hassle.
Have you considered having them use Chrome to instead?
Joking aside, there are a WIDE variety of domains used on the backend to keep Canvas up and running. I don't know if it would solve your problems or not, but I try to keep a whitelist going for my ad blocker:
This isn't developed or supported by Instructure, but it has a pretty good list of the domains used to deliver Canvas.