instructure / lti1_tool_provider_example

A simple LTI Tool Provider Sinatra app
MIT License

HTML output not escaped #12

Open icc opened 8 years ago

icc commented 8 years ago

Thank you for a great tool which makes testing LTI simple!

I noticed that the values printed in assessment.erb are not escaped. This will cause issues if you test against e.g. Moodle, which uses JSON for sourcedid. Anyway, I think the tool should escape the HTML output using e.g. Rack::Utils.escape_html(text).

bracken commented 8 years ago

JSON sourcedid? That's cool. Think you could paste an example value that is sent for us to test with?

icc commented 8 years ago

Of course, the HTML looks like this with no escaping:

<input type="hidden" name="launch_params[lis_result_sourcedid]" value="{"data":{"instanceid":"1","userid":"2","launchid":1232306510},"hash":"e26bada8e76f271680d3d014237fc54cfe747d7621589df128c6a5b0c71c6b33"}" />

I guess simply replacing " with &quot; in the value would be enough.

I'm testing against the latest Moodle 2.7.
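Added example, not code from this repository or from either commenter: it reproduces the breakage above with a constructed Moodle-style JSON `lis_result_sourcedid`, renders it through an unescaped and an escaped ERB template, and reads the `value` attribute back the way a browser would (first `"` terminates the attribute). The template strings, the `HiddenInput` class and the `posted_value` helper are assumptions for the demonstration. It uses stdlib `ERB::Util.h` (`require 'erb'`), which escapes the same characters (`&`, `<`, `>`, `"`, `'`) as `Rack::Utils.escape_html`, so the verification runs without the rack gem. The escaping matters beyond Moodle: every launch parameter is chosen by the tool consumer, so printing it unescaped into assessment.erb also lets a consumer inject markup into the tool's page.

```ruby
require 'erb'
require 'json'
require 'cgi'

# Constructed sample, shaped like the Moodle value quoted in this issue: the
# sourcedid is a JSON document, so it is full of double quotes.
MOODLE_SOURCEDID = JSON.generate(
  'data' => { 'instanceid' => '1', 'userid' => '2', 'launchid' => 1232306510 },
  'hash' => 'e26bada8e76f271680d3d014237fc54cfe747d7621589df128c6a5b0c71c6b33'
)

# Assumed templates standing in for the hidden inputs in assessment.erb.
# UNSAFE_TEMPLATE prints the launch parameter raw, as the issue describes;
# SAFE_TEMPLATE wraps both interpolations in h() (ERB::Util.html_escape).
UNSAFE_TEMPLATE = '<input type="hidden" name="launch_params[<%= @name %>]" value="<%= @value %>" />'
SAFE_TEMPLATE   = '<input type="hidden" name="launch_params[<%= h @name %>]" value="<%= h @value %>" />'

# Minimal stand-in for the Sinatra view context: instance variables plus h().
class HiddenInput
  include ERB::Util # provides h(), the same escaping Rack::Utils.escape_html does

  def initialize(name, value)
    @name = name
    @value = value
  end

  def render(template)
    ERB.new(template).result(binding)
  end
end

def render_unsafe(name, value)
  HiddenInput.new(name, value).render(UNSAFE_TEMPLATE)
end

def render_safe(name, value)
  HiddenInput.new(name, value).render(SAFE_TEMPLATE)
end

# What the browser will actually submit on the next POST: the attribute ends at
# the first unescaped double quote, and entities are decoded on the way back.
def posted_value(html)
  m = html.match(/value="([^"]*)"/)
  m && CGI.unescapeHTML(m[1])
end

if __FILE__ == $PROGRAM_NAME
  unsafe = render_unsafe('lis_result_sourcedid', MOODLE_SOURCEDID)
  safe   = render_safe('lis_result_sourcedid', MOODLE_SOURCEDID)
  puts "unescaped HTML: #{unsafe}"
  puts "  browser posts: #{posted_value(unsafe).inspect}" # truncated to "{"
  puts "escaped HTML:   #{safe}"
  puts "  browser posts: #{posted_value(safe).inspect}"   # full JSON, parseable
  JSON.parse(posted_value(safe))
end
```

In the Sinatra app itself the equivalent change is to expose an `h` helper (`helpers do; include Rack::Utils; alias_method :h, :escape_html; end`) and use `<%= h value %>` for every launch parameter in assessment.erb, not only `lis_result_sourcedid`. Replacing just `"` with `&quot;`, as suggested above, keeps the JSON round trip working but still leaves `<` and `&` unescaped, so the full escaper is the right fix.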