1. Navigate to the LTI configuration page via Site Administration > Plugins > Activity Modules > External Tool > Manage tools (mod/lti/toolconfigure.php)
2. Mouse over "Alternatively, you can configure a tool manually." and verify there is no sesskey.
3. Click on "configure a tool manually" and verify the page loads
4. Add a placeholder Tool name and Tool URL and click save.
5. Under tools, mouse of the edit icon of the newly created tool and verify there is no sesskey in the upgrade link.
6. Back at the top of the page under Add tool, click on "Manage preconfigured tools" (/admin/settings.php?section=modsettinglti)
7. Mouse over "Add preconfigured tool" and verify there is no sesskey
8. Mouse over the edit icon and verify there is no sesskey.
9. Mouse over the delete icon. There will still be a sesskey. Click on this to reject the tool.
10. Click on the "Rejected tab"
11. Mouse over the check icon. There will still be a sesskey. Click on this to accept the tool.
12. Return to the LTI configuration page from step 1.
13. Click on "Manage external tool registrations" (/mod/lti/toolproxies.php)
14. Mouse over "Configure a new external tool registration" and verify there is no sesskey
15. Click on "Configure a new external tool registration" and verify the page loads
16. Add a placeholder name/url and capability/services, and click save.
17. Mouse over the edit icon and verify there is no sesskey.

Code verified against automated checks.

Checked MDL-85333 using repository: https://github.com/bwalkerl/moodle/

• MOODLE_405_STABLE (0 errors / 0 warnings) [branch: MDL-85333-LTI-sesskey-MOODLE_405_STABLE | CI Job]
• MOODLE_500_STABLE (0 errors / 0 warnings) [branch: MDL-85333-LTI-sesskey-MOODLE_500_STABLE | CI Job]
• main (0 errors / 0 warnings) [branch: MDL-85333-LTI-sesskey | CI Job]

_{More information about this report}

Built on: Tue May 13 00:38:28 UTC 2025

Launching automatic jobs for branch MDL-85333-LTI-sesskey-MOODLE_405_STABLE

• https://ci.moodle.org/view/Testing/job/DEV.02%20-%20Developer-requested%20PHPUnit/19297/ PHPUnit (sqlsrv)
• https://ci.moodle.org/view/Testing/job/DEV.01%20-%20Developer-requested%20Behat/65933/ Behat (NonJS - boost and classic)
• https://ci.moodle.org/view/Testing/job/DEV.01%20-%20Developer-requested%20Behat/65934/ Behat (Firefox - boost)

Launching automatic jobs for branch MDL-85333-LTI-sesskey-MOODLE_500_STABLE

• https://ci.moodle.org/view/Testing/job/DEV.02%20-%20Developer-requested%20PHPUnit/19298/ PHPUnit (sqlsrv)
• https://ci.moodle.org/view/Testing/job/DEV.01%20-%20Developer-requested%20Behat/65935/ Behat (NonJS - boost and classic)
• https://ci.moodle.org/view/Testing/job/DEV.01%20-%20Developer-requested%20Behat/66137/ Behat (Firefox - boost)

Launching automatic jobs for branch MDL-85333-LTI-sesskey

• https://ci.moodle.org/view/Testing/job/DEV.02%20-%20Developer-requested%20PHPUnit/19299/ PHPUnit (sqlsrv)
• https://ci.moodle.org/view/Testing/job/DEV.01%20-%20Developer-requested%20Behat/66139/ Behat (NonJS - boost and classic)
• https://ci.moodle.org/view/Testing/job/DEV.01%20-%20Developer-requested%20Behat/66138/ Behat (Firefox - boost)
• https://ci.moodle.org/view/Testing/job/DEV.01%20-%20Developer-requested%20Behat/65940/ Behat (Firefox - classic)
• https://ci.moodle.org/view/Testing/job/DEV.01%20-%20Developer-requested%20Behat/65941/ App tests (stable app version)

Built on: Tue May 13 03:16:52 UTC 2025