In the interest of user privacy, most modern web browsers provide an option to "prevent cross-site tracking." The intention of this feature is to limit how one's browsing activities can be correlated.
However, users of some browsers - especially Apple's Safari for Mac OS - have encountered problems with accessing some legitimate site content. In particular, some users of the Canvas Learning Management System (LMS) for education find the majority of the image content of their educational course materials unavailable - the browser displays a "broken link" placeholder (see first image above). Apparently, the Canvas LMS hosts image content in a manner which resembles the 3rd-party advertising servers which are used for cross-site tracking.
Un-checking the "Prevent cross-site tracking" feature of the web browser MAY rectify image-loading in Canvas LMS.
NOTE: Disabling cross-site tracking potentially exposes the user to cross-site tracking practices. That said, many internet users do NOT have this feature available or enabled. If you are concerned about cross-site tracking, you can:
- Turn ON "prevent cross-site tracking" features when not using Canvas LMS
- Use a different web browser with Canvas LMS (i.e., Chrome, Firefox, Safari for iOS/iPhone)
Response from Canvas LMS Representative About This IssueOn May 4, 2020, a support representative of the Canvas LMS developer Instructure posted the following on this Canvas LMS community forum thread:
In early April, Apple released Safari updates that included a major update to a feature called Intelligent Tracking Protection (ITP). This feature implements new limitations to resources like files that are loaded on pages from a third-party site, and it behaves differently than similar systems implemented in other browsers like Chrome and Firefox.
This update affected the mechanism that Canvas uses to securely host and transmit uploaded files, including images. Users may experience files that fail to download, or images that fail to display. This behavior is due to redirection in the authentication implementation of Canvas’ secure file system, which Safari detects as a “third-party” site because it resides on a different domain.
Our engineering teams are actively investigating solutions to this issue, but a timeline is not yet available.
In the meantime, there are two workarounds:
For users who have access to another browser like Chrome, Firefox, or Edge, those browsers do not experience this issue. Using one of these alternative browsers is the recommended solution.
For users who only have access to Safari, temporarily disabling the “Prevent cross-site tracking” option in the browser privacy settings will restore Canvas functionality. Users may wish to only disable this option temporarily while using Canvas, and then re-enable it before using other sites. More information on this setting is available here: https://support.apple.com/guide/safari/prevent-cross-site-tracking-sfri40732/mac