search

keplergl / kepler.gl

Kepler.gl is a powerful open source geospatial analysis tool for large-scale data sets.
http://kepler.gl
MIT License
10.38k stars 1.74k forks source link

[Bug][Jupyter Widget] localStorage causing SecurityError #1488

Open chrisgervang opened 3 years ago

chrisgervang commented 3 years ago

Describe the bug When using the jupyter kepler plugin in Databricks (which is a hosted jupyter notebook), there is an intermittent localStorage issue causing the kepler widget to break on load.

To Reproduce There isn't a clear way to reproduce this issue. It seems to happen every couple of weeks. We've noticed clearing cookies and cache in Chrome sometimes resolves the issue, it has also been reported that it has unintentionally been resolved after a couple days (users don't know why the issue goes away when it does).

Expected behavior When this error is experienced, I'd expect it to be caught and gracefully handled. While performing a code review for localStorage usage, it seems to only be used in the widget html template for google analytics. Perhaps we can provide a config flag to disable google analytics if it's the issue.

Screenshots

Screen Shot 2021-05-19 at 3 25 07 PM

Environment (please complete the following information):

Additional context The widget only appears to use localStorage for google analytics. https://github.com/keplergl/kepler.gl/blob/14c35fc048a745faab0c6770cab7a4625ccedda3/bindings/kepler.gl-jupyter/js/template/keplergl-html.ejs#L102

macrigiuseppe commented 3 years ago

@chrisgervang we can look into it but in the meanwhile you can edit the export html file as workaround

chrisgervang commented 3 years ago

We haven't been able to work around this since the kepler widget is embedded in a iframe within serialized jupyter notebook exported to an html file, rather than simply the kepler html file on its own. I attempted to work around all these layers, but our existing files can't easily be fixed.

The issue seems to be that in our ipython notebook environment (provided by databricks), every display() call sandboxes the widget in an iframe. Since kepler is in an iframe, cross-domain issues like this can occur.

nanshanli commented 2 years ago

For us, the same issue consistently arises within Databricks when the "block third party cookies" setting in the browser is enabled. As that setting is controlled by the organisation administrator on our corporate network, our only workaround thus far has been to remove the google analytics script in the binding (similar to as in your PR).