Open ggrrll opened 1 year ago
RRosio
commented
1 year ago Hi @ggrrll thank you for submitting this issue. Are you running from a directory where you have the needed permissions? Does this issue come up if you run from a different directory?
ggrrll
commented
1 year ago yes, I didn't have problems actually last week (also, I do not have issues with jupyter lab) ... the only thing it changed in the meantime, as far as I can see, it's the installation of jupyter lab indeed
burnpanck
commented
1 year ago I also started to observe this behaviour, though I do not know what changed in my environment. I am on macOS 13.1, with latest Chrome. I start the jupyter notebook server via the terminal from my home directory as always, which then automatically launches the browser on the jupyter notebook file browser page. I can then successfully open a notebook, but just a few seconds later, it stopps working ("forbidden"). If I refresh the file browser page, it asks me for the token. I can enter the token, which will successfully forward me then to the file browser page. However, after a short time, the same behaviour repeats. Here is a log sequence:
[I 10:51:18.092 NotebookApp] 302 GET /tree(::1) 0.880000ms
[I 10:51:25.358 NotebookApp] 302 POST /login?next=%2Ftree(::1) 0.450000ms
[I 10:51:33.971 NotebookApp] Starting buffering for 5573df50-2df6-4ee0-b765-3e33b1dba59e:5647864a30654db5996e976155e05961
[W 10:51:34.234 NotebookApp] 404 GET /nbextensions/itkwidgets/extension.js?v=20230123103457 (::1) 1.080000ms referer=http://localhost:8888/notebooks/test.ipynb
[W 10:51:34.234 NotebookApp] 404 GET /nbextensions/k3d.js?v=20230123103457 (::1) 1.000000ms referer=http://localhost:8888/notebooks/test.ipynb
[W 10:51:34.235 NotebookApp] 404 GET /nbextensions/k3d/extension.js?v=20230123103457 (::1) 0.420000ms referer=http://localhost:8888/notebooks/test.ipynb
[W 10:51:35.309 NotebookApp] 404 GET /nbextensions/widgets/notebook/js/extension.js?v=20230123103457 (::1) 0.670000ms referer=http://localhost:8888/notebooks/test.ipynb
[E 10:51:35.318 NotebookApp] Error unpacking user from cookie: Extra data: line 1 column 4 (char 3)
[W 10:51:35.318 NotebookApp] Clearing invalid/expired login cookie username-localhost-8888
[W 10:51:35.318 NotebookApp] 403 POST /nbdime/api/isgit (::1) 0.520000ms referer=http://localhost:8888/notebooks/test.ipynb
[W 10:51:35.404 NotebookApp] ForbiddenThe Cookie sent with one of the requests in this sequence looks as follows:
_xsrf=2|f9f65056|e080112f10d8f97a6e89c2d3346e811d|1674467478; username-localhost-8888="2|1:0|10:1674467485|23:username-localhost-8888|44:MzM0YmMyZGI5MzE3NGQ2NDhjZjBiNzI0MjExMGE1Yjg=|009cfe582cb0223f2dd093202edef9ad82cce34ba58f994d71033a5d1619c387"might be related to #2396
ggrrll
commented
1 year ago btw, this issue seems to be affecting also other tool, like nbdiff-web (https://nbdime.readthedocs.io)
hereby the console error
[E web:1798] Uncaught exception GET /difftool (127.0.0.1)
HTTPServerRequest(protocol='http', host='127.0.0.1:52958', method='GET', uri='/difftool', version='HTTP/1.1', remote_ip='127.0.0.1')
Traceback (most recent call last):
File "/usr/local/lib/python3.9/site-packages/tornado/web.py", line 1692, in _execute
result = await result
File "/usr/local/lib/python3.9/site-packages/jupyter_server/base/handlers.py", line 608, in prepare
_user = await _user
File "/usr/local/lib/python3.9/site-packages/jupyter_server/auth/identity.py", line 241, in _get_user
_cookie_user = self.get_user_cookie(handler)
File "/usr/local/lib/python3.9/site-packages/jupyter_server/auth/identity.py", line 399, in get_user_cookie
_user_cookie = handler.get_secure_cookie(
File "/usr/local/lib/python3.9/site-packages/tornado/web.py", line 773, in get_secure_cookie
self.require_setting("cookie_secret", "secure cookies")
File "/usr/local/lib/python3.9/site-packages/tornado/web.py", line 1592, in require_setting
raise Exception(
Exception: You must define the 'cookie_secret' setting in your application to use secure cookies
[E web:1221] Uncaught exception in write_error
Traceback (most recent call last):
File "/usr/local/lib/python3.9/site-packages/tornado/web.py", line 1692, in _execute
result = await result
File "/usr/local/lib/python3.9/site-packages/jupyter_server/base/handlers.py", line 608, in prepare
_user = await _user
File "/usr/local/lib/python3.9/site-packages/jupyter_server/auth/identity.py", line 241, in _get_user
_cookie_user = self.get_user_cookie(handler)
File "/usr/local/lib/python3.9/site-packages/jupyter_server/auth/identity.py", line 399, in get_user_cookie
_user_cookie = handler.get_secure_cookie(
File "/usr/local/lib/python3.9/site-packages/tornado/web.py", line 773, in get_secure_cookie
self.require_setting("cookie_secret", "secure cookies")
File "/usr/local/lib/python3.9/site-packages/tornado/web.py", line 1592, in require_setting
raise Exception(
Exception: You must define the 'cookie_secret' setting in your application to use secure cookies
Not sure this is related to #2396. That thread is overflowing with people not having the right user permissions for the folder they are trying to access. Mine are correct. Also, just disabling token verification is definitely not a solution. On the other hand, #5492 does seem related. Following their thread, I downgraded my jupyter_server package from 2.0.1 to 1.23.5 (i.e. the latest satisfying jupyter_server<2). Now, everything appears to work as expected again. I conclude then that the recent version change did break something.
ggrrll
commented
1 year ago yeah...indeed probably related to https://github.com/jupyter-server/jupyter_server/issues/1038
and yes, downgrading works for me too
drscotthawley
commented
1 year ago Are there any suggested workarounds for this at the moment, e.g. downgrade juptyer, or...?
I would love to be able to edit one of my notebooks right now, but this error is preventing it:
[E 15:52:41.105 NotebookApp] Error unpacking user from cookie: Extra data: line 1 column 4 (char 3)
[W 15:52:41.105 NotebookApp] Clearing invalid/expired login cookie username-localhost-8888And then I get a window showing "Connection Failed":
I do have write permission in the directory - it's my laptop.
Version info:
$ pip list | grep jupyter
jupyter 1.0.0
jupyter-book 0.13.1
jupyter-cache 0.4.3
jupyter_client 7.4.9
jupyter-console 6.4.4
jupyter-contrib-core 0.4.2
jupyter_core 5.1.3
jupyter-events 0.6.3
jupyter-nbextensions-configurator 0.6.1
jupyter_server 2.1.0
jupyter-server-mathjax 0.2.6
jupyter_server_terminals 0.4.4
jupyter-sphinx 0.3.2
jupyterlab-pygments 0.2.2
jupyterlab-widgets 1.1.1
sphinx-jupyterbook-latex 0.4.7
$ python --version
Python 3.10.9
$ pip list | grep ^nb
nbclassic 0.4.8
nbclient 0.5.13
nbconvert 6.5.4
nbdev 2.3.9
nbdime 3.1.1
nbformat 5.7.3MacOS 12.3
This happens for all notebooks I try to open (which I used to be able to open), not just a particular notebook.
I am running the exact jupyter that corresponds with my current Python environment.
drscotthawley
commented
1 year ago Update: Found a workaround via this StackExchange answer:
Running
pip install --upgrade 'jupyter-server<2.0.0'fixed the problem, without changing anything else. :-)
nb-programmer
commented
1 year ago Here is some log output that was resulted from this issue:
[E 19:41:41.186 NotebookApp] Error unpacking user from cookie: Extra data: line 1 column 2 (char 1)
[W 19:41:41.186 NotebookApp] Clearing invalid/expired login cookie username-192-168-0-10-8888How to reproduce:
~/.jupyter/jupyter_notebook_config.json:
{ "NotebookApp": { "password": "argon2:$a<snip>" } }
Problematic cookie example:
"username-192-168-0-10-8888" = "2|1:0|10:1678285174|26:username-192-168-0-10-8888|44:ZjgwNDY3OGY1NWE2NDNiYWJhYjE0YzQzZGFmNzk2ZDY=|700d01ee58758b6ce2239f56d06e27bdc0689e083d9abd0ed85dc01d159749bc" (Not sure if any sensitive data is there in this, tell me please, I'll remove it straight away)
TheCrescentKing
commented
1 year ago I have encountered the same issue as described on previous comments and solved it by using the workaround of downgrading 'jupyter-server' to version 1.23.4
xinyi-joffre
commented
10 months ago Is there any workaround that doesn't involve downgrading jupyter-server? Jupyter-server has a vulnerability, and we are getting flagged that we need to upgrade to at least jupyter-server>=2.11.2
lappemic
commented
9 months ago Downgrading did not solve it for me. I still keep getting:
[W 2024-02-23 16:01:38.253 ServerApp] wrote error: 'Forbidden'
[W 2024-02-23 16:01:38.254 ServerApp] 403 GET /api/sessions?1708700498223 (127.0.0.1) 2.85ms referer=Noneis there anyother fix?
weinbe58
commented
8 months ago I am also having the same problem. when running jupyter-lab I get a stack trace as well:
[W 2024-03-22 10:07:48.569 ServerApp] 403 GET /api/kernels?1711116468549 (@127.0.0.1) 1.40ms referer=None
[W 2024-03-22 10:07:48.569 ServerApp] wrote error: 'Forbidden'
Traceback (most recent call last):
File "/Users/pweinberg/Documents/atom_compiler_dev/flair-python/.venv/lib/python3.11/site-packages/tornado/web.py", line 1788, in _execute
result = method(*self.path_args, **self.path_kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/Users/pweinberg/Documents/atom_compiler_dev/flair-python/.venv/lib/python3.11/site-packages/tornado/web.py", line 3289, in wrapper
url = self.get_login_url()
^^^^^^^^^^^^^^^^^^^^
File "/Users/pweinberg/Documents/atom_compiler_dev/flair-python/.venv/lib/python3.11/site-packages/jupyter_server/base/handlers.py", line 782, in get_login_url
raise web.HTTPError(403)
tornado.web.HTTPError: HTTP 403: ForbiddenNote sure if this is helpful at all.
Describe the bug/ To Reproduce
🚫 When I launch notebook from terminal, it keeps giving
forbiddenerror, when trying to save (in the title, the error message in console, with many 403 warnings)✅ it works fine though if I
launch classical notebookfromjupyter labDesktop (please complete the following information):
some relevant packages from my
pip freeze