cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Lamplighter II

Trouble embedding resources with new Google LTI

Jump to solution

We've seen a new-ish issue with Google's new Assignments (LTI 1.3) update. When teachers try to embed materials from Drive, particularly videos, they don't always show up for students. At the risk of having a "help me with my very specific problem" post, has anyone else run into embedding issues in particular? I haven't been able to nail down a specific pattern or set of conditions which would prevent student access to the materials.

Labels (1)
1 Solution

Accepted Solutions
Highlighted
Lamplighter II

Update #2: This applies only when the resource is set to "Anyone in the domain." When the resource is changed to "Anyone with the link" (ie, public access) it embeds in Canvas.

My guess is that when Canvas reaches into Drive to get the item, Google sees that request as outside the domain. Publishing the item on the Internet allows it to be embedded successfully.

Note also, that this is only present in the Canvas Student iOS app and through Canvas in Safari on iOS. Opening the course through Chrome allows the material to be embedded because of more comprehensive security settings that Safari on iOS ignores. So, publishing without access restrictions really only fixes access through the app or Safari.

View solution in original post

0 Kudos
2 Replies
Highlighted
Lamplighter II

I dug some more and was able to reproduce on an iPad through Safari. Looking at the debug console, Canvas is rejecting the embed in an iframe because a header was set to deny requests across origins. Safari on iOS doesn't respect other network security headers (which is weird), so I'm thinking there isn't an easy solution because it would involve either Google or Canvas handling those requests differently.

0 Kudos
Highlighted
Lamplighter II

Update #2: This applies only when the resource is set to "Anyone in the domain." When the resource is changed to "Anyone with the link" (ie, public access) it embeds in Canvas.

My guess is that when Canvas reaches into Drive to get the item, Google sees that request as outside the domain. Publishing the item on the Internet allows it to be embedded successfully.

Note also, that this is only present in the Canvas Student iOS app and through Canvas in Safari on iOS. Opening the course through Chrome allows the material to be embedded because of more comprehensive security settings that Safari on iOS ignores. So, publishing without access restrictions really only fixes access through the app or Safari.

View solution in original post

0 Kudos
Top Kudoed Authors
Labels