Firefox 96.0+ Breaking LTIs

Firefox 96.0+ Breaking LTIs

by Riana Beachy-Hasenick -
Number of replies: 3

Hi all, we're running into issues with LTIs with the latest release of Firefox (96.0+). I've seen similar issues reported for Canvas, but haven't seen any for Moodle, so wanted to see if anyone else was experiencing this.

It's happening for our Kaltura and Zoom LTIs - Kaltura has stated that they plan to patch the issue this weekend, but unsure about Zoom. With Kaltura, it gives an error about 3rd-party cookies, but with Zoom it gives a "required parameter (url) was missing" error and creates a strange nested login loop. This happens both when adding a new Zoom activity via External Tool and when clicking on an existing one. 

Anyone else seeing this? Wanted to make sure there's not anything we're overlooking in Moodle that might solve this. Thanks!

Average of ratings: -
In reply to Riana Beachy-Hasenick

Re: Firefox 96.0+ Breaking LTIs

by Jake Dallimore -
Picture of Core developers Picture of Moodle HQ Picture of Particularly helpful Moodlers Picture of Peer reviewers Picture of Plugin developers Picture of Testers
Hi Riana,

This is likely because of a change to the way samesite cookies are handled in Firefox 96 (now implicitly set to samesite=lax). We suspected this was coming. Moodle patched this in launches a while back - see MDL-71887 for details. What version of Moodle are you running?

Jake
Average of ratings: -
In reply to Jake Dallimore

Re: Firefox 96.0+ Breaking LTIs

by Riana Beachy-Hasenick -
Hi Jake, thanks for your response! That makes sense - we're still running 3.9.7. Looks like it was patched in 3.9.9?
Average of ratings: -
In reply to Riana Beachy-Hasenick

Re: Firefox 96.0+ Breaking LTIs

by Jake Dallimore -
Picture of Core developers Picture of Moodle HQ Picture of Particularly helpful Moodlers Picture of Peer reviewers Picture of Plugin developers Picture of Testers
Hi Riana,

Yep, that's right. Patched in 3.9.9 as per the fix version/s field.

Cheers,
Jake
Average of ratings: -