Static content URL in feedback templates is not absolute in the production setting #75
Comments
|
Apparently In addition, for local containers a hack was implemented in 0aae89a (the reason why static_url seems correct in local content). MOOC-Grader could configure that value also in production, though MOOC-Grader can't be sure where the static file is really hosted. Thus, I would proceed implementing this in the build pipeline, where we choose where static files are uploaded. For now, easiest would be adding environment substitutions to the url=${STATIC_CONTENT_HOST:-{{ course.static_url }}}
for template in template.html; do
mkdir -p "_build/templates/${template%/*}"
sed "s#@@STATIC_CONTENT_URL@@#${host%%#*}#g" \
"$template" > "_build/templates/$template"
done
make touchrst htmlIn exercise config yaml, one would then use That said, I would avoid making absolute value in |
markkuriekkinen
added
priority: low
requester: Aalto teacher
markkuriekkinen
changed the title
|
#57 fixed the course build environment. There is an environment variable for the course build that contains the absolute static URL. However, this issue is about rendering feedback templates at the end of grading submissions. It would be simple to make the template variable
I think that the template variable Note: template variables #57:
In RST courses, the build env variable |
markkuriekkinen
added
effort: hours
In short: the variable
course.static_urlwhich can be used when rendering a custom feedback template is broken on production server. When I run the course in local development setting, it is correct: course.static_url = "http://localhost:8080/static/default/". When the same template is rendered on production setting, it is: course.static_url = "/static/CS-A1143_2020/", but it should be: "https://grader.cs.hut.fi/static/CS-A1143_2020/".Longer explanation: I am developing JSAV exercises for Data Structures and Algorithms Y course. There is a need to use a feedback template which is rendered on mooc-grader. The feedback template should refer by URL to CSS and JavaScript files from the static directory of the course, for example, https://grader.cs.hut.fi/static/CS-A1141_2020/OpenDSA/ . Mooc-grader does not know its domain (grader.cs.hut.fi, localhost:8080 in development), because it is running inside a Docker container. The current solution that I know has these hardcoded domains in the Django template or Django view of the exercise. The view or template tries to detect whether it is running in a local development or in a production environment. Reference from A+ manual: https://github.com/apluslms/course-templates/blob/master/exercises/ajax_exercise/template.html From that perspective, it would be nice to have variable similar to course.static_url configured at the container startup so that it is set correctly ("http://localhost:8080/static/<course_key>" in local, "https://grader.cs.hut.fi:8080/static/<course_and_instance_key>" in production).
This feature would assist the work on stop using custom Django views on A+ courses (for example: https://version.aalto.fi/gitlab/course/traky/blob/2020/exercises/jsav/views/iframe.py ), as this is a potential security risk.
The text was updated successfully, but these errors were encountered: