SCORM 托管跨域
[英]SCORM Hosting Cross-Origin
问题描述
I try to host a SCORM e-learning module decentralized on an other domain than my LMS (Learning Management System) is running.
我尝试托管一个分散在其他域上的 SCORM 电子学习模块,而不是我的 LMS(学习管理系统)正在运行。 SCORM Modules are normally running in their own browser frame/window and communicating with the LMS directly, running all on the same domain. SCORM 模块通常在它们自己的浏览器框架/窗口中运行,并直接与 LMS 通信,全部运行在同一个域中。 This is no problem because there is no security issue.这没有问题,因为没有安全问题。 Already tried this case with my code and it worked.已经用我的代码尝试过这个案例并且它有效。
To archive the module is hosted on an other server I try to use something like a wrapper.为了存档模块托管在其他服务器上,我尝试使用诸如包装器之类的东西。 These wrapper is hosted on the LMS, load the content from extern and communicates via postMessage with the LMS.这些包装器托管在 LMS 上,从外部加载内容并通过 postMessage 与 LMS 进行通信。 I tried this open-source project: https://github.com/Didask/scol-r我试过这个开源项目: https : //github.com/Didask/scol-r
But i don't get it work.但我不明白。 Everytime i end up with the error: Error grabbing 1.2 API-SecurityError:Blocked a frame with origin "https://..." from accessing a cross-origin frame. Protocols, domains, and ports must match.每次我都以错误告终: Error grabbing 1.2 API-SecurityError:Blocked a frame with origin "https://..." from accessing a cross-origin frame. Protocols, domains, and ports must match. Error grabbing 1.2 API-SecurityError:Blocked a frame with origin "https://..." from accessing a cross-origin frame. Protocols, domains, and ports must match. So something try to access something that is not allowed.所以有些东西试图访问一些不允许的东西。 The exception is raised in the "SCORM_ScanParentsForApi" method.在“SCORM_ScanParentsForApi”方法中引发异常。
I already ask the author of the project but he had no answer at all.我已经问过该项目的作者,但他根本没有答案。 I set up a small demo project in react to simulate an LMS.我建立了一个小型演示项目来模拟 LMS。 Added the wrapper module that point to my external content server where the SCORM module is hosted.添加了指向托管 SCORM 模块的外部内容服务器的包装器模块。
Maybe someone have an idea or can give my a hint.也许有人有想法或可以给我一个提示。 I think it is something trivial.我认为这是微不足道的事情。 Hopefully ;) Thanks!希望 ;) 谢谢!
2 个解决方案
解决方案1
1 2019-05-08 18:25:18
Your specific problem is the Access-Control-Allow-Origin header https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS/Errors/CORSAllowOriginNotMatchingOrigin您的具体问题是 Access-Control-Allow-Origin 标头https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS/Errors/CORSAllowOriginNotMatchingOrigin
So we are on sosafe.de and the skorm course is on lms0.sosafe.de This will cause the CORS errors.所以我们在 sosafe.de 上,skorm 课程在 lms0.sosafe.de 上,这将导致 CORS 错误。 You need your response headers to be accepted.您需要接受您的响应标头。
You can do this with your apache config.你可以用你的 apache 配置来做到这一点。 This will allow the response to get through.这将允许响应通过。
SetEnvIf Origin "http(s)?:\/\/(.+\.)?sosafe\.de(:\d{1,5})?$" CORS=$0
Header set Access-Control-Allow-Origin "%{CORS}e" env=CORS
Header merge Vary "Origin"
You don't have to use this code exactly but, modify the server to add the header Access-Control-Allow-Origin.您不必完全使用此代码,但是,修改服务器以添加标头 Access-Control-Allow-Origin。 If you do Access-Control-Allow-Origin: * this would enable cross-origin requests from anywhere (though you should just allow domains you trust).如果您执行Access-Control-Allow-Origin: *这将启用来自任何地方的跨域请求(尽管您应该只允许您信任的域)。 This should solve your problem.这应该可以解决您的问题。
Else they should be on the same domain.否则它们应该在同一个域中。 which may not be possible due to the design of SCOL-R the scorm connector that allows you to reach the API.这可能是不可能的,因为 SCOL-R 的设计是允许您访问 API 的 scorm 连接器。
解决方案2
-1 2021-05-18 16:37:20
You may take a look to this commercial solution that is an alternative to scorm cloud:你可以看看这个商业解决方案,它是 scorm 云的替代品:
https://www.scormnext.es https://www.scormnext.es
It lets you distribute your SCORM contents remotely to external LMS by using SCORM connectors (dispatchers).它允许您使用 SCORM 连接器(调度程序)将 SCORM 内容远程分发到外部 LMS。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.