I try to host a SCORM e-learning module decentralized on an other domain than my LMS (Learning Management System) is running. SCORM Modules are normally running in their own browser frame/window and communicating with the LMS directly, running all on the same domain. This is no problem because there is no security issue. Already tried this case with my code and it worked.
To archive the module is hosted on an other server I try to use something like a wrapper. These wrapper is hosted on the LMS, load the content from extern and communicates via postMessage with the LMS. I tried this open-source project: https://github.com/Didask/scol-r
But i don't get it work. Everytime i end up with the error: Error grabbing 1.2 API-SecurityError:Blocked a frame with origin "https://..." from accessing a cross-origin frame. Protocols, domains, and ports must match.
So something try to access something that is not allowed. The exception is raised in the "SCORM_ScanParentsForApi" method.
I already ask the author of the project but he had no answer at all. I set up a small demo project in react to simulate an LMS. Added the wrapper module that point to my external content server where the SCORM module is hosted.
Maybe someone have an idea or can give my a hint. I think it is something trivial. Hopefully ;) Thanks!
Here's Why Tin Can LMS Is The Future. Sharable Content Object Reference Model (SCORM), is a protocol that enables two elearning tools to communicate with each other. In the elearning industry, this kind of tool is a necessity because it connects course developers, different platforms, and learners.
As the reigning alternative to SCORM, xAPI is the 'future-proof' option. xAPI is also more reliable than SCORM. It is a newer standard, which means it is built to adapt better with the current software.
The technical detail of the xAPI spec allows it to capture more and richer data, more reliably than SCORM. A powerful LMS like LearnUpon allows you to automate reports based on the incredibly detailed data xAPI tracks.
SCORM 1.2 offers a single value to store course statuses (complete, incomplete, failed, attempted, browsed). There is no way to discern if a learner who completed the course passed the final quiz or not. SCORM 2004 fixes this issue by separating completion and success statuses.
Your specific problem is the Access-Control-Allow-Origin header https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS/Errors/CORSAllowOriginNotMatchingOrigin
So we are on sosafe.de and the skorm course is on lms0.sosafe.de This will cause the CORS errors. You need your response headers to be accepted.
You can do this with your apache config. This will allow the response to get through.
SetEnvIf Origin "http(s)?:\/\/(.+\.)?sosafe\.de(:\d{1,5})?$" CORS=$0
Header set Access-Control-Allow-Origin "%{CORS}e" env=CORS
Header merge Vary "Origin"
You don't have to use this code exactly but, modify the server to add the header Access-Control-Allow-Origin. If you do Access-Control-Allow-Origin: *
this would enable cross-origin requests from anywhere (though you should just allow domains you trust). This should solve your problem.
Else they should be on the same domain. which may not be possible due to the design of SCOL-R the scorm connector that allows you to reach the API.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With