Install H5P quiz plugin
Luke and I have been in conversation with Emily Fairey at Brooklyn College (a watcher on this ticket, too), who is working with faculty who are interested in using the H5P plugin for OER-related quizzing. Boone, can you please look this over and let us know whether it meets security requirements? From our conversations with Emily, it sounds like H5P offers features not currently offered by our other form and quiz plugins.
I've added Emily, Luke, and Scott as watchers here. And the Open@CUNY blog just did a post on H5P -- https://openatcuny.commons.gc.cuny.edu/2018/06/18/easily-make-oer-content-interactive-with-h5p/
#1 Updated by Boone Gorges over 3 years ago
- Status changed from Assigned to Reporter Feedback
H5P's Content Types are not part of the WordPress plugin. As such, there's no way to perform a static security scan on them. These types are either pulled dynamically from the official H5P library, or are uploaded by users, who may create and share them.
If we want to allow H5P on the Commons, we need to make decisions about the level of risk (or, conversely, trust) we want to take on.
1. We could allow Content Types from the official H5P library. This involves trusting that the maintainers of the H5P library don't allow for security vulnerabilities. (Most are developed by their "Core Team", though it sounds like there's a push to accept more Types developed by the "community" - i.e., third parties.)
2. We could allow arbitrary H5P uploads from Commons users. This involves trusting that our users aren't malicious (or dupe-able).
I'd strongly recommend against 2. As in the case of custom WP plugins/themes, we should be doing a full code review of any items provided by members of the Commons community. Members who don't like this policy are always welcome to set up their own WordPress sites, where they're in full control.
As for 1: I don't know enough about the H5P project https://h5p.org/about-the-project to know what to think. As of right now, a realistic appraisal of the risks is probably that there's next to no risk. But if there were to be a breach, now or in the future, the ramifications would be very serious. Wearing the conservative hat of the person who has to deal with potential fallout, I'd recommend against its use. But if there's a sense that this would be a valuable tool for many Commons users, the risk/overhead may be worth it.