iframed html files in rich text content give access denied error when importing from course export package
This behavior has been resolved and deployed to the production environment as of 8/14/24.
Description
Migrating an html file which is embedded in RCE content to another course via exporting the imscc package and importing it elsewhere will result in the embedded iframe containing the html file displaying an access denied error instead of the file’s content.
Expected Behavior
Instead iframed html files should import from course export packages successfully.
Workaround
If the two courses are in the same Canvas instance, doing a course copy instead of export and import will bring the page over with the html file iframed successfully.
Steps to Reproduce
Prerequisites: Two courses and an html file (super simple example attached).
-
Upload the html file in one of the courses then create a page in the course with an iframe embedding the file as is shown below:
<iframe src="https://domain.instructure.com/courses/:course_id/files/:file_id/preview"></iframe>
-
Export the course.
-
Import the course export package in the second course.
-
Open the page in the second course and note that the iframe where the html file should display has an Access Denied page being displayed instead of the html file.
Additional Info
RCX-2133
Known issues indicate notable behaviors that have been escalated to the Canvas engineering team. Known issues are not a guarantee for an immediate resolution. This document is for informational purposes only and does not replace the Support process. If you are encountering the behavior outlined in this document, please ensure you have submitted a Support case (per your institution's escalation process) so Canvas Support can adequately gauge the overall customer impact and prioritize appropriately.