diff --git a/main/newscorm/learnpath.class.php b/main/newscorm/learnpath.class.php index 95b0da3fef..4787981db1 100755 --- a/main/newscorm/learnpath.class.php +++ b/main/newscorm/learnpath.class.php @@ -9879,7 +9879,7 @@ EOD; * * @return string */ - public function checkXFrameOptions($src) + public function fixBlockedLinks($src) { if (strpos($src, api_get_path(WEB_CODE_PATH)) === false) { // Check X-Frame-Options @@ -9912,6 +9912,14 @@ EOD; $_SESSION['x_frame_source'] = $src; $src = 'blank.php?error=x_frames_options'; } + } else { + $urlInfo = parse_url($src); + $platformProtocol = api_get_protocol(); + + if ($platformProtocol != $urlInfo['scheme']) { + $_SESSION['x_frame_source'] = $src; + $src = 'blank.php?error=x_frames_options'; + } } return $src; diff --git a/main/newscorm/lp_content.php b/main/newscorm/lp_content.php index 84f1ea23b8..3bb4dcd87d 100755 --- a/main/newscorm/lp_content.php +++ b/main/newscorm/lp_content.php @@ -59,7 +59,7 @@ if ($dokeos_chapter) { } else { $src = 'blank.php?error=prerequisites'; } - $src = $_SESSION['oLP']->checkXFrameOptions($src); + $src = $_SESSION['oLP']->fixBlockedLinks($src); break; case 2: $_SESSION['oLP']->stop_previous_item(); diff --git a/main/newscorm/lp_view.php b/main/newscorm/lp_view.php index 866716af0f..73c4434c44 100755 --- a/main/newscorm/lp_view.php +++ b/main/newscorm/lp_view.php @@ -168,7 +168,8 @@ if (!isset($src)) { $src = api_get_path(WEB_CODE_PATH).'newscorm/lp_view_item.php?lp_item_id='.$lp_item_id.'&'.api_get_cidreq(); } - $src = $_SESSION['oLP']->checkXFrameOptions($src); + $src = $_SESSION['oLP']->fixBlockedLinks($src); + $_SESSION['oLP']->start_current_item(); // starts time counter manually if asset } else { $src = 'blank.php?error=prerequisites';