gijzelaerr / js9notebook

embed JS9, the browser based DS9, into a Jupyter notebook

Token authentication issues #7

Closed o-smirnov closed 6 years ago

o-smirnov commented 6 years ago

@ericmandel, posting this separately as I think this is a different can of worms yet again. Or perhaps the same one. :)

So I went back to loading JS9 via Tornado... What you describe here works for me... but what doesn't work is calling JS9.Load() and giving it the name of a server-side file. The file does not display.

In the browser JS console I see:

image

In the terminal where Jupyter is running I see it fetching the FITS file:

[I 18:40:57.608 NotebookApp] 302 GET /files/3C147-CD-LO-spw0-s7-lwimager.fullrest.fits?r=0.6195409086419028 (127.0.0.1) 1.09ms

But in the Network tab of the JS console I see:

image

If you look carefully, none of those entries look like the original FITS image is being returned. Yet if I type http://localhost:11000/files/3C147-CD-LO-spw0-s7-lwimager.fullrest.fits?r=0.6195409086419028 into the address bar, it happily downloads the full FITS image.

If I try to download from the command line with wget

$ wget http://localhost:11000/files/3C147-CD-LO-spw0-s7-lwimager.fullrest.fits?r=0.6195409086419028

I get back an HTML document instead:

image

I've got a hunch this is the same problem as #4. You probably get that HTML error back instead of the WASM document. And maybe the socket.io issue is the same thing...

o-smirnov commented 6 years ago

I'm guessing Jupyter gives the browser session a cookie/authentication token, and then doesn't answer GET requests properly unless the requester has the token. Which wget obviously doesn't -- but why, when JS9 inside my browser session asks for the image, is the token not there?

o-smirnov commented 6 years ago

...ah, because JS9 is running inside a sandboxed document, as the earlier message suggests, and sandboxed documents don't see the cookies. But at what level is it getting sandboxed, that's what I don't understand...

ericmandel commented 6 years ago

I think it's the same can of worms in the sense that it might be a losing battle to utilize the internal Tornado web server without a lot of Jupyter-centered development effort. The initial (unsatisfactory) answer I got for my Jupyter issue at:

https://github.com/ipython/ipython/issues/11216

also refers to the sandbox problem but does not really explain what to do:

> The CORS error that you get is because we set a sandboxing header to treat HTML files as a separate origin, so that a malicious HTML file you view can't talk to your Jupyter server and take over your computer.

o-smirnov commented 6 years ago

Sigh, ok, losing battle indeed. At least I understand the issue now, if not how to go about solving it...

But I can get by with a separate web server for the time being....

ericmandel commented 6 years ago

So let's concentrate on getting JS9 to do the right thing for your use case, and there can be a wider discussion of how to deal with Tornado later -- we need expert advice on this.

What I'd like to do is send new versions of js9Helper.js to try (still not sure why the last interaction did not find the FITS file right under its nose). The first will have the ability to override preferences via JSON on the command line, so you can tailor each individual's prefs on the fly. These sorts of changes are reasonable to make in any case.

Do you want me to continue doing this via Github, or through email?

o-smirnov commented 6 years ago

> So let's concentrate on getting JS9 to do the right thing for your use case, and there can be a wider discussion of how to deal with Tornado later -- we need expert advice on this.

Agreed!

> Do you want me to continue doing this via Github, or through email?

I prefer github, as I do want @Mulan-94 to take over this effort at some point -- it may help her to have a continuing record of our tribulations.

As for sending test code, wouldn't you rather make an experimental branch in the JS9 repo, and push changes to that? Again, it would give us a natural record of what's been tried or not.

I'm clocking out for the day, but will pick it up again tomorrow. I really appreciate all the help!

ericmandel commented 6 years ago

OK. Github is great to use and I'll see if a new branch is warranted as I dig into this. It's actually good that you are clocking out now ... I gotta think, but I expect to have something interesting for you by tomorrow.

o-smirnov commented 6 years ago

OK I think it's all clear what was going on here, and how to work around it. I just need to figure out how to inject code into new windows (https://github.com/ratt-ru/radiopadre-devel/issues/3), then everything can be served via Jupyter.
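
Added example, not part of the original thread and not code from JS9 or Jupyter: a small Python triage helper that classifies a response to a `/files/` request into the three symptoms discussed above (redirect to the login page, HTML returned in place of the file, and an HTML document served under a `sandbox` header). The function names, finding labels, file names and sample responses are constructed for illustration; only `localhost:11000` comes from the thread.

```python
from urllib.parse import urlsplit

REDIRECTS = {301, 302, 303, 307, 308}

def sandbox_flags(csp):
    """Return the flags of a CSP `sandbox` directive, or None if there is none."""
    for directive in (csp or "").split(";"):
        tokens = directive.split()
        if tokens and tokens[0].lower() == "sandbox":
            return {t.lower() for t in tokens[1:]}
    return None

def diagnose(url, status, headers):
    """Return a list of findings for one response to a /files/ request."""
    h = {k.lower(): v for k, v in headers.items()}
    is_html = h.get("content-type", "").lower().startswith("text/html")
    findings = []
    # No token or session cookie: the server answers with a redirect to its login page.
    if status in REDIRECTS and urlsplit(h.get("location", "")).path.endswith("/login"):
        findings.append("redirected-to-login")
    # A client that follows that redirect ends up with HTML where a data file was requested.
    if status == 200 and is_html and not urlsplit(url).path.lower().endswith((".html", ".htm")):
        findings.append("html-instead-of-file")
    # An HTML document under `sandbox` without allow-same-origin gets an opaque origin,
    # so its requests back to the server are cross-origin and carry no session cookie by default.
    flags = sandbox_flags(h.get("content-security-policy"))
    if is_html and flags is not None and "allow-same-origin" not in flags:
        findings.append("sandboxed-opaque-origin")
    return findings

# Constructed sample responses (not captured from the issue).
SAMPLES = {
    "wget, no token": ("http://localhost:11000/files/example.fits", 302,
                       {"Location": "/login?next=%2Ffiles%2Fexample.fits"}),
    "wget, after redirect": ("http://localhost:11000/files/example.fits", 200,
                             {"Content-Type": "text/html; charset=UTF-8"}),
    "HTML page from /files/": ("http://localhost:11000/files/viewer.html", 200,
                               {"Content-Type": "text/html",
                                "Content-Security-Policy": "frame-ancestors 'self'; sandbox allow-scripts"}),
    "authenticated fetch": ("http://localhost:11000/files/example.fits", 200,
                            {"Content-Type": "application/octet-stream"}),
}

if __name__ == "__main__":
    for name, (url, status, headers) in SAMPLES.items():
        print(f"{name}: {diagnose(url, status, headers) or 'ok'}")
```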