Use of third-party scripts, browser extensions and add-ons for Canvas

Owned by KP
Last updated: 08 May 2024 by KP
2 min read

Caution

  1. Use of third-party scripts and tools which enable the use of these scripts is at your own risk.

  2. NUS does not guarantee the reliability nor safety of third-party scripts and extensions.

  3. If you choose to install scripts and extensions, only do so from trusted sources.

Scripts from established universities

Generally, scripts provided by established universities for Canvas should be safe to use.

A common source of these scripts is the Office of Information Technology (OIT), University of Colorado Boulder (UCB).

The scripts listed as OIT-Provided Enhancements should be safe as they are developed by OIT, UCB.

Do note that these may not work reliably in NUS as some scripts contain code specific to UCB's Canvas instance.

Please test the scripts you want to use with test data in your sandbox course before using the script with actual data in a live course.

Scripts from Canvas Community

Scripts hosted on Canvas (Instructure) Community should be safe to use.

A common source of these scripts is James Jones, a community champion at Canvas Community.

Do check the profile of those providing the scripts on Canvas Community to see if they are trusted and reliable community contributors.

Do also check the feedback about these scripts on Canvas Community.

Please test the scripts you want to use with test data in your sandbox course before using the script with actual data in a live course.

Browser extensions

Many web browsers allow you to install extensions.

The use of some scripts requires you to install an extension e.g. TamperMonkey.

Other extensions may exist which provide specific functionality e.g. implementing dark mode on Canvas.

Only install extensions from the official pages:

Installing extensions from official extension pages does not remove all risks of installing a malicious extension.

These risks include malware and loss/corruption/transmission of institution or personal data.

You should evaluate the safety of the extensions you want to install.

Questions to ask when evaluating extensions

  • Is the extension available on an official web store?

  • Who built the extension? Do they seem like a reputable source?

  • Does the extension’s Web store listing have proper grammar and logos?

  • Does the extension maker have a web page? Does it seem legit? Is there contact info for the developer?

  • Check the extension’s permissions—what does the extension have permissions to in your browser, and why?

  • Does the extension have a large number of user reviews? Are the reviews positive? Are they recent? (Beware of a string of 5-star reviews, identical comments, or comments all published on the same date.)

  • When you search for the extension, do you find look-alike or “clone” versions? Are you sure you’re installing the right one?

Questions above from Are browser extensions safe? Brave Software, Inc. (retrieved on 14 Oct 2022)

Further reference: Tips for assessing the safety of an extension, Mozilla Corporation