2 Replies Latest reply on Oct 20, 2017 6:48 AM by duzunov

    Can't launch LTI tool in an iframe due to security settings



      I'm working on an LTI tool integration with Blackboard. When I create a placement for the tool, the following popup shows:


      Screen Shot 2017-10-10 at 12.31.12 PM.png


      And when I open the tool link, the tool always launches in a new window.

      The tool runs on https and doesn't send X-Frame-Options or Content-Security-Policy response headers. I'm using the Developer Virtual Machine for running Blackboard. I'm running Blackboard over http. I also tried running it over https (using the 9877 port) but the above warning still pops up. When I'm running it over https the browser still considers the connection as "Not Secure":


      Screen Shot 2017-10-12 at 7.32.21 PM.png


      What should I do to make the tool link launch the tool in an iframe?

        • Re: Can't launch LTI tool in an iframe due to security settings

          Hi Dimitar!

          I'm not really a https guru, but it'd certainly help if we knew the exact error that your browser is giving. These are usually in all caps, and would look something like SSL_ERROR_RX_MALFORMED_ALERT. Usually you can find these by clicking "more information" or "Advanced" on the page with the error. Alternatively, use the dev tools to find the error.


          That being said, my guess is that since you're running on localhost, that probably indicates you running a self-signed certificate. Has that been properly added to your browser's certificate store?

          2 of 2 people found this helpful