## Security and privacy

### Enable "Require the Use of Safe Exam Browser" on SCORM package

Re: Enable "Require the Use of Safe Exam Browser" on SCORM package

Hi Jamison,
my fault: it's "$_SERVER" and not "$ SERVER". I'm not sure how I deleted the underscore char, could it be done by the glossary filter?

Matteo

Average of ratings: Useful (1)
Re: Enable "Require the Use of Safe Exam Browser" on SCORM package

Thanks for all of your help Matteo!  Now, the page loads on SEB but also every browser.  The code looks like this now, is there something wrong that's allowing it on every browser?

function scorm_pluginfile($course,$cm, $context,$filearea, $args,$forcedownload, array $options=array()) { global$CFG;

if ($context->contextlevel != CONTEXT_MODULE) { return false; } // Allow content to be accessed ONLY from a 'Safe Browser'. if (strpos($_SERVER['HTTP_USER_AGENT'], 'SEB') == false){
return false;
}

require_login($course, true,$cm);

$lifetime = isset($CFG->filelifetime) ? \$CFG->filelifetime : 86400;

Average of ratings: -
Re: Enable "Require the Use of Safe Exam Browser" on SCORM package

Hi Jamison,
try to delete the browser local cache: Moodle by default tries to minimize the bandwidth impacts by asking the browser to cache the content, SCORM files included, so if you already accessed that content before applying the patch you should be able to see it until the local cache will expire.

Note: as mentioned by Tim, the current SEB securing implementation is weak in the sense that most of the browsers today are able to rewrite User Agent information so this hack is just a proof of concept before being the real solution for securing the content.

HTH,
Matteo

Average of ratings: Useful (1)
Re: Enable "Require the Use of Safe Exam Browser" on SCORM package

Awesome! Worked perfectly.  Thanks so much.