I am not seeing anything when I replicate that shows it would be stopped. There is a level of classroom management that has to be accounted for, you are doing your best a webfilter in place and logging the information. Remember CIPA is a best effort not a hard pass/fail rule set like PCI compliance. I know I had to do that for a while, OPENDNS now has a toggle switch for it in the Cisco Umbrella (the name for OpenDNS "enterprise" now i guess?!?). Have you tried enforcing safe search, by with DNS and redirecting them? If you know a Spicehead that oversees a Chromebook fleet, TAG THEM!!!! What I think would help would be if I could somenow disable XMLHttpRequests for a specific domain (), but I can't figure out how the heck to do that.Īlso, keep in mind that since this is all cloud-server side, it is happening on the other side of my Firewall, so it is unable to help.įor those of you running large fleets of Chromebooks in a K12 environment, have you seen this? Have you found a way to stop it? Is it a problem that you didn't even know about?Īny help would be most appreciated. BUT, because of the way they are being called, they are somehow getting through. What is important to note is that any of these individual files, like JavaScript, CSS and Images are not available by themselves in browser. Tried blocking images from the Google Management interface, but if I do that for Google Docs () it blocks ALL images, even the interface. None of it works.įrom what I can tell, the problem is that this is using a POST / GET method to retrieve the javascript and CSS files for the on-screen dialog, and then using the same calls to populate the images. Blocking javascript, blocking CSS, blocking entire domains. Somehow person puts image into document even though they don't have access to the website that image is coming from. More XHR / XMLHttpRequests are used to populate the imagesħ. Person searches for just about what ever they wantĦ. Person clicks SEARCH and selects GOOGLE by default (Keep in mind Google is blocked in multiple ways for this person, so they can't just go to Google and search)ĥ. Google posts a bunch of XHR / XMLHttpRequests and opens a image pickerĤ. Between Clever, Google Classroom, Kiosk Mode, and of course the Chrome Management tools, it has made my life so much easier.īUT, I discovered a flaw in the way that Google Docs works, and it is allowing content to be found from within the Google Docs page.īasically, here is how I have been able to determine how it works:ģ. We have around 200 Chromebooks, which work fantastic.
I am having an issue and I was hoping someone would have an answer. For those of you in the K12 industry, you know the pains of CIPA and how / when / what to block.
0 kommentar(er)
