Showing results for 
Search instead for 
Did you mean: 
Community Member

External url open in new tab automatically

I would like to have the option to link to URLs in a module, and have them open directly in a fresh new tab, not a canvas window.

The current behavior opens a page that shoes the linked page in a window. for sites that are not HTTPS it gives the message "You are trying to launch insecure content from within a secure site (canvas). Some web browsers may prevent this content from loading." This results in having to click, wait for a page load, and click again to see the content that I want them to see. 

I know I could get that behavior from a page, but that wouldn't show due dates or point values automatically.

Tags (3)
4 Replies
Community Coach
Community Coach

Hi  @james_thornburg ,

Unfortunately, I don't have a solution but I can throw in some context of how this may change in future given changes that Google, Mozilla and the likes are pushing for.

There is more of a push from browser vendors at the moment to start using https as a standard (rather than as the exception, like it used to be). Sophos ran an interesting article covering some of the things Chrome is doing Google to slap warnings on non-HTTPS sites – Naked Security and even further back Mozilla indicated their commitment to the secure web

I know there have been certain services that we have interacted with even up until just last year, that had zero support for https (and these were major companies). It makes it difficult, because you end up seeing exactly what your users experience, the errors where you get an insecure content warning.

So, on the HTTPS front, I would suggest contacting the site you wish to link to and championing them to enable HTTPS. In many cases it is not a hugely difficult thing for them to do, and with the way things are changing, it is definitely the way forward. I have had success with this in the past, though, will admit, with larger companies, it has often taken a *long* time.

I also thought that I would mention something which would make my accessibility officer very happy, and that is some of the issues surrounding opening links within new windows/tabs forcibly. NC State University has a nice little summary article that I like to reference Links and new windows – IT Accessibility as it covers off a few of the issues surrounding the problems that new-windows cause for certain types of users.

So, I guess my suggestion would be to try to use a https site where possible, if it is an internal site you are linking to, campaign your IT department to enable HTTPS, if it is external, get into contact with the site and let them know the issue. That should help to get around the root cause (though, there will be some pain points until you can get the sites https enabled).



 @james_thornburg ,

You are describing a couple of different things here, so I'm going to try and address the concern, but I'm not sure that I'm getting at the same thing you're getting at.

First, you describe the current behavior as what happens when external content opens in an iframe within Canvas. There is an option when you create an external URL in a module to have that open in a new tab automatically.


I have to suspect that you know about that when you create the external URLs, but you might have an instructional designer that designs the courses for you so you may not have known about it. I mention it just in case you weren't aware that it was there and that's what the concern was about.

What I have found is that interactive content often does not play well within the iframe within Canvas and so I want it in a new browser tab or window. There are some things, like a single document or a single page of notes, that do work well. Then there are things that will never work well within the iframe (without tweaking browser security settings which you cannot and should not expect students to do) such as insecure content delivered over a non-SSL protocol. These are the links that begin with http and not https.

What I've done is checked the box to open in a new tab for all of my interactive content and for any non-SSL content. I know those won't work well within the iframe. Then I leave the box unchecked for any static content that is delivered over a secure https protocol.

There is another possible issue lurking in your question. You said you want it to open directly in a new tab. That is where I originally focused my thought and everything written above was an afterthought as I was wrapping up this portion. I have pondered this for a couple of days and finally settled on it not being a good idea to automatically open in a new window.

Let me try to explain why.

I have a link to my Statistics Notes as an external URL in a module. The content is not particularly interactive, but I want them to leave this tab open while they do other things in Canvas, so I opened it in a new tab by checking the box. When the student clicks on it, they get this message.


When I click on that link, the browser opens a new tab to my statistics notes as desired and places the focus on that new tab, taking me out of Canvas.

I switch back to the Canvas window to do other work inside Canvas and come back to this link again. If I click on it again, it opens a second new tab to my statistics notes, rather than taking me to the existing tab that I already opened. Is that the desired behavior? That's unknown. I might have wanted two sets of statistics notes open, but if the link is to one of the interactive tools I use in class like QuestionPress, Quizlet, or Kahoot!, I would definitely not want a second copy of the window opened. That is going to be confusing to the students.

Now consider another common behavior of students: clicking on the Next or Previous links to move between module items.

Let's take the Projects portion of my Unit 1 module in statistics.


A student is on the Animal Crackers Report assignment and they want to go back to the Animal Crackers Introduction, check something out, and then come back to the Report. Instead of clicking on the Home button, scrolling down to the unit, finding the introduction and clicking on it, they know that they can just hit the Previous navigation link at the bottom of the page twice.

So they do that. They press Previous and it takes them to the Animal Crackers Data, which is an external URL to a Google sheet. In your scenario, it automatically opens that data in a new window. Then they press Previous again and it takes them to the Animal Crackers Introduction. They quickly scan what they need and then head back to the Animal Crackers Report by pressing the Next link.That takes them to the Animal Crackers Data, which -- you guessed it --automatically opens in a new tab, making two tabs that contain that Google Sheet, neither of which the student wanted. Then they click Next to move back to the page they were on.

I left out a key component in that already frustratingly annoying to the student scenario. When you open content in a new tab, the focus shifts to that new tab and you're outside of Canvas. So when that new tab with the Google spreadsheet automatically opened, the student either had to close the tab or click on the tab to get back to the Canvas window, which made it even harder for them to use the Previous and Next buttons to navigate.

Even if the new tab was automatically opened for a non-secure connection, that would still be bad for people using the Next and Previous buttons for navigation purposes.

It used to be that if you have control over the pages that you're loading for the insecure content, you might be able to throw in some iframe-busting JavaScript and break out of the iframe, loading in a new tab. However, with the security issues and mixed-content (some SSL and some not) restrictions, you won't even be able to do that because the browser won't load the page to get to the JavaScript to break out of the iframe. That means hosting content on a secure server using the https protocol is the desired approach. Your institution might be able to set up a secure proxy that would fetch insecure information and redeliver to Canvas, but that's a bit extreme and I would not recommend it to anyone as a maintainable or preferred solution. It's better to use SSL in the first place and if you can't, then you just can't display it within the iframe inside Canvas that has the Previous and Next links. You'll need to load it in a new tab by checking the box or by having the students do that extra click at the top of the iframe. You really don't want students thinking they're in a secure environment when they're not, bad things can happen. That's some of what  @stuart_ryan  was getting at.

The short version of all that is that you can have external URLs open in a new tab by checking that box. But it can not be done directly or automatically without intervention on the user's part, and that's a good thing.

Community Coach
Community Coach

 @james_thornburg ,

Were you able to find an answer to your question? I am going to go ahead and mark this question as answered because there hasn't been any more activity in a while so I assume that you have the information that you need. If you still have a question about this or if you have information that you would like to share with the community, by all means, please do come back and leave a comment.  Also, if this question has been answered by one of the previous replies, please feel free to mark that answer as correct.



I am unable to get a link to open in a new window when inside of the basic HTML window. It would be nice if there was a "check box" for links to appear in new windows without Canvas being overtaken. I can insert into HTML Editor code: target="_blank" , but that is quite cumbersome for all faculty.


Please advise..

Andrew B.