I am looking to use the Web object functionality to send users to an internal survey site. When I have published my test storyline file, that item returns a message that says the site 'refused to connect'. So my first thought was that maybe there was some sort of internal blocker, so I tries a random website. That website worked. I then tried another more commonly known social media website, and that one also was blocked.
Is there any place where I can find clear explanation regarding how this functionality of Articulate works?
Thank you for the quick response. So based on that, since the site I want to include in my presentation is an internal site, they should be able to create the permission or an exception?
Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross-Site Scripting (XSS) and data-injection attacks. These attacks are used for everything from data theft to site defacement to distribution of malware. A primary goal of CSP is to mitigate and report XSS attacks. XSS attacks exploit the browser's trust of the content received from the server. Malicious scripts are executed by the victim's browser because the browser trusts the source of the content, even when it's not coming from where it seems to be coming from (like from within an iFrame).
Your internal survey site and/or your own hosting site may have set a CSP frame-ancestors directive, which specifies valid parents that may embed a page using the <frame>, <iframe>, <object>, <embed>, or <applet> tags.
related question - is there a way for a SCORM published articulate course to provide two distinct scores? Here is the situation behind the question.
We would like to have a quiz and a survey in our course. At the moment, SCORM publishing doesn't appear to have a way to differentiate between the two scores and provides a single score.
That is where the web object comes in - we want to send the user to an internal webpage for the survey component of the course, but we want it to appear as though they are still in the course. That is why I haven't used the option to open a new window with the web object.
3 Replies
Thank you for the quick response. So based on that, since the site I want to include in my presentation is an internal site, they should be able to create the permission or an exception?
Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross-Site Scripting (XSS) and data-injection attacks. These attacks are used for everything from data theft to site defacement to distribution of malware. A primary goal of CSP is to mitigate and report XSS attacks. XSS attacks exploit the browser's trust of the content received from the server. Malicious scripts are executed by the victim's browser because the browser trusts the source of the content, even when it's not coming from where it seems to be coming from (like from within an iFrame).
Your internal survey site and/or your own hosting site may have set a CSP frame-ancestors directive, which specifies valid parents that may embed a page using the <frame>, <iframe>, <object>, <embed>, or <applet> tags.
related question - is there a way for a SCORM published articulate course to provide two distinct scores? Here is the situation behind the question.
We would like to have a quiz and a survey in our course. At the moment, SCORM publishing doesn't appear to have a way to differentiate between the two scores and provides a single score.
That is where the web object comes in - we want to send the user to an internal webpage for the survey component of the course, but we want it to appear as though they are still in the course. That is why I haven't used the option to open a new window with the web object.