• Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
    Dedicated community for Japanese speakers
  • 한국 커뮤니티
    Dedicated community for Korean speakers
Exit
0

Potential Functionality Issues (Security) with HTML Content

Explorer ,
Dec 03, 2024 Dec 03, 2024

Copy link to clipboard

Copied

Good day, all; 

 

I am having an issue with HTML content from Captivate and I'm not sure there's anything I can do about it or, if there is, what that might be. 

 

I created a Captivate lesson for my institution last year that was fairly straightforward. It had graphics, audio and a few questions which I built (rather than use the question feature). The lesson was exported as a SCORM package and no issues were encountered by any of the nearly 100 people who completed it. 

 

For this year, however, the institution requested me to publish it as an HTML package as they wanted to offer it on the website (rather than within the LMS). I packaged it and sent it off as requested and while it functionally works, it got rejected by IT due to some issues as quoted below (from two separate emails to me)(red text added by me):

 

The first, when I said there was nothing in the file (meaning I had added no links to external widgets, etc.): "However, the files you provided...also include outdated versions of JavaScript."

 

The second, when issues were checked from the IT side: "These materials, which were originally created in a local environment, relies on proprietary JavaScript files (e.g., cp.js, cpXHRLoader.js) that must be properly loaded for key features—like interactive elements, slide transitions, and media playback—to work correctly. If these files are missing, misconfigured, or not properly referenced, functionality may break when moved to the live site."

 

Based on these points the lesson has been rejected "until an updated version that resolves these issues" can be provided. Unfortunately, I don't know how to fix this or if it can be fixed. I just published normally as an HTML file in Captivate without doing anything special. 

 

I created this lesson on a Mac, using Adobe Captivate 2019 (11.5.5) (which my 'check for updates' look returns as being up to date). 

 

Has anyone come across anything like this before? Or are there any ideas of how I can fix the identified issues? I don't want to have to build this whole thing again in another program, so any suggestions of how I can rectify this would be appreciated! 

 

Thanks!

Views

113

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Expert ,
Dec 04, 2024 Dec 04, 2024

Copy link to clipboard

Copied

I would certainly suggest that you DO update your Captivate 2019 version to the latest available (11.8.x).

 

But that isn't necessarily going to automatically fix what your IT department are complaining about.

 

I am assuming by their statement about "outdated versions of Javascript" they are probably referring to the fact that Captivate 2019 still uses some JavaScript functions that modern browsers no longer support.  However, that doesn't mean that anything bad is going to happen as a result.  I would be asking your IT department to specify exactly WHICH JavaScript issues they object to.  Their statement is vague.

 

As regards their other complaint about "proprietary Javascript files" this too is somewhat ridiculous.  The cpm.js file is a huge Javascript file that is constructed directly from your Captivate CPTX project file and of course it must be properly loaded for everything to work properly.  The cpXHRLoader.js file is also custom generated at publish time.  But if your IT department had actually opened that JS file they would have seen that permission is given for the file to be used in output.  So in what way are these files unable to be used?

 

A typical Captivate HTML5 output ensures that all required files are encapsulated inside the output folder.  When you test Preview the project on your development computer (yes it could be called a 'local environment') you are basically just running the output inside a temporary localhost webserver that Captivate creates for the occasion.  If the content can run in your localhost webserver then it should also work on your organisation's web server as well.  Did the IT department actually TRY to copy the output to a folder on their TEST webserver to see if it worked?  It does not appear that they have done so.

 

Honestly, I think your IT department are just being difficult to deal with.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Contributor ,
Dec 04, 2024 Dec 04, 2024

Copy link to clipboard

Copied

Well said Rod!!  I totally agree!!!!

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Expert ,
Dec 06, 2024 Dec 06, 2024

Copy link to clipboard

Copied

LATEST

Again they seem to be fond of giving vague answers  ("some network and security issues").

 

Just keep pushing them for specifics.  Let them know that if you don't understand their answers then you will be posting the question here on the forum where there are people that DO understand technobabble.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Explorer ,
Dec 04, 2024 Dec 04, 2024

Copy link to clipboard

Copied

Thank you so much @RodWard for your reply.

 

Honestly, I'm glad you've put it the way you have, as I was really confused about their response to me, particulary the part about the JavaScript files needing to be properly loaded; if they are part of the whole package why wouldn't they be properly loaded? 

 

They said they did test it on our server (this follows on after a long period when the package I first created wouldn't work on a server - a very weird little thing happened that I don't quite understand but I guess that's for another post and the package now works so it's a bit moot) and that it does work. But then they sent me this: "Thanks for sharing the interactive files. I’ve successfully uploaded them; however, there are some network and security issues that have come up, which I’ve already forwarded to the security team...I’ll keep you updated on whether the current version works or if we need another one." (underlining is theirs). 

 

I will try to update Captivate today. I am using the version I am because I am a Mac user and at work I have two machines: one that runs Sonomoa (which I believe Captivate still doesn't work on 🤔) and an older one that I basically keep around for Captivate. I'm hesitant to update it because if Captivate doesn't work on it I'll be in a pickle. I will install the most updated version I can on one of my home Macs, one running on Ventura, and see if it works. As you say, though, I doubt it will fix the issue they are having concerns with.

 

If I can push a bit further, can you guide me on how to respond to them? I'm sure they're going to use some fancy IT lingo to try to confuse me lol but if they don't accept this I'm going to have to build this whole thing over again in another program, and I just don't have time for that. 

 

Thanks!

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Resources
Help resources