laura at May 20th, 2014 03:43 — #1
Continuing the discussion from Make own TeachingKit:
Hi @jeffmason! Sorry for the frustrations, let's see if @brett (knows Webmaker inside and out) @toolness (superstar dev) or @chadsansing (uses Thimble extensively in his own classroom) have some ideas for you.
toolness at May 20th, 2014 05:41 — #2
Hey @jeffmason! For security reasons, the preview area is an
<iframe> hosted on an entirely separate domain, at
mozillathimblelivepreview.net. So your IT folks will want to whitelist that too, and likely also
*.makes.org, as that's where your students' makes will be hosted once they're saved.
shelleyvadams at May 20th, 2014 07:51 — #3
@jeffmason You can also use the RequestPolicy Firefox add-on to see the domains used for cross-site requests.
By setting the "Default Policy" preference to
Block requests by default. (For advanced users. Breaks many websites.)
you can use it to simulate how the school's heavy filtering will impact individual Webmaker projects, which may fetch images, stylesheets, fonts, etc. from various domains.
jeffmason at May 20th, 2014 07:58 — #4
Thanks for the discussion help @laura and the tech information @toolness, I will get these domains to IT today. Thanks, too, @ShelleyVAdams. I figured this was happening. It s good to know that there is a tool (Request Policy) to help me shed some light on what information I can send to IT (blasted filters). I have one more class, Friday, before the end of the year. I am optimistic that it will work just fine.
chadsansing at May 20th, 2014 09:50 — #5
@jeffmason I am happy to see solutiuons abound! My first bit of advice would have been to do exactly what you did in getting the first (and second) domain white-listed. Once in a while, a coding error or call to an 'http' rather than 'https' asset, like an external stylesheet or script, will also blank the preview plane until the bug is fixed or an 'https' is put in place of 'http.'
jeffmason at May 20th, 2014 10:27 — #6
I sent the new domains to IT this morning and they have been whitelisted. I've logged in to a student workstation and everything appears to be in good working order. Yeah! and thanks to all. I will document these domains for the time being. When I return in the Fall I may have to repeat the process.
karensmith at May 20th, 2014 14:31 — #7
Big shout out to @jeffmason and everyone having this conversation in the open. This is a problem many have and will face!
dougbelshaw at May 21st, 2014 05:44 — #8
Agreed, thanks for raising this @jeffmason. I'll point the Webmaker product team towards this as it's something that should be documented on the site itself.
Update: I filed a bug. You can add yourself to the 'cc' list at the top-right if you want to get updates on its progress! https://bugzilla.mozilla.org/show_bug.cgi?id=1013858
dougbelshaw at May 22nd, 2014 11:41 — #9
OK, @brett has suggested we create a SUMO* article for this. I wonder if @jeffmason, @toolness, @ShelleyVAdams, @laura and @KarenSmith would be up for helping with that?
* SUMO is short for 'SUpport MOzilla'
karensmith at June 5th, 2014 09:25 — #10
I don't have the domain knowledge here but I started an etherpad if people want to insert steps they've taken to overcome this. https://etherpad.mozilla.org/sumo-whitelist
The etherpad is also linked from the bug.
dougbelshaw at June 9th, 2014 05:36 — #11
Thanks @KarenSmith. I'm not in a position to test either (not behind institutional firewall) but happy to help shepherd if people jump in.