Rendering user-uploaded files from an alternate domain is a defense-in-depth security control. By uploading a piece of content containing potentially malicious scripts, a user could potentially perform session hijacking on the main Blackboard Learn session once a target user accesses the affected content.

As a method of protection against this type of activity, users can now access user-uploaded files through an alternate domain and a separate session that cannot access cookies from a user's primary Blackboard Learn session. This security control leverages the browser security features, namely the "same-origin policy". As a result, malicious scripts within user-uploaded files that are rendered in one domain or subdomain are segregated from the cookies, and thus the session information, of the primary Blackboard Learn session.

This security control is another defensive layer in Blackboard's security framework to further protect users from potentially malicious user-uploaded files.

Blackboard recommends that administrators configure this security control on all of their Blackboard Learn implementations. This is a Blackboard security best practice.

Separate domain for rendering content

A separate domain or subdomain provides a more secure way of accessing user-uploaded files from a Blackboard Learn server. This separate domain helps prevent user-uploaded content containing malicious script from being used to compromise a user's Blackboard Learn session and thus user data. With a separate domain or subdomain configured, all content is delivered from the original domain to the separate domain, essentially forwarding content to the separate domain. To the user, this is completely seamless.

In the event a user-uploaded file contains malicious scripts to perform session hijacking, the browser's security controls, namely, the "same-origin policy," helps prevent the user's file rendering session from accessing the user's primary session. The user's primary session is used for activity such as taking assessments, viewing grades, and so on. Thus, the attack would be compartmentalized and the impact would be limited. While attackers might gain access to content they normally do not have access to, they will not gain access to a victim's primary session or across the whole site.

Special notes

The Blackboard Learn server located at the alternate hostname will only respond to webdav requests.

Links inside of html hosted on an alternate domain won't be logged.

Any Blackboard Learn installation responding to a request at the alternate hostname cannot be used to perform normal Blackboard Learn functions. As a result, brands and other similar alternate file hostnames cannot use the same hostname as the file domain.

Prerequisites to setting up a separate domain for rendering content

Before you can set up a separate domain for rendering content, you meet the following two prerequisites:

  • You have configured your new separate domain's DNS properly.
  • If your Blackboard Learn installation uses TLS (strongly recommended), you have acquired an additional TLS certificate to support the new separate domain.

    More on TLS Certificates

Set up a separate domain for rendering content

When setting up a separate domain, do not use hostnames that you have set up for brands. If you do, your brands will not function properly.

  1. On the Administrator Panel, under Security, select Safer Dynamic Content Rendering.
  2. A status indicator tells you the status of your alternate separate domain for rendering content:
    • A grayed out status indicates you have not yet set up a separate domain. If you have not set this up, the system functions as it did prior to the introduction of this feature. This is the default setting. Blackboard strongly recommends you set up a separate domain for rendering content to mitigate the risk of session hijacking from malicious user-uploaded files.
    • A green status indicates that the alternate file hostname is properly configured and running.
    • A red status indicates that the separate domain for rendering content is not functioning properly. To learn more, see Troubleshooting Separate Domain for Rendering Content Configuration Failures.
  3. In the Set Separate Domain for Rendering Content field, enter the name of the separate domain.
  4. Select Submit.

Remove a configured separate domain for rendering content

  1. On the Administrator Panel, under Security, select Safer Dynamic Content Rendering.
  2. Leave the Set Separate Domain for Rendering Content field empty.
  3. Select Submit.

Troubleshoot separate domain for rendering content configuration failures

If the separate domain configuration fails:

  • Make sure your DNS is configured properly so that the client's (browser) machine can reach the hostname.
  • Make sure you have the proper TLS certificate.

    More on TLS Certificates

  • Make sure you do not have a brand that uses the same hostname.
  • Make sure that the server at the other end of the hostname is a Blackboard Learn installation.