hazza/jupyterhub
1
0
Fork 0
mirror of https://github.com/jupyterhub/jupyterhub.git synced 2025-10-14 13:33:00 +00:00
Code Issues Packages Projects Releases Wiki Activity

various singleuser header fixes

Browse Source 
- always set content security policy header, to workaround bug in notebook 5.0
- set x-jupyterhub-version on all requests, not just our own
- fix version comparison in _check_version (leftover `__version__`)
- even log version matches at debug-level (verifies that check happened)
This commit is contained in:
Min RK
2017-07-20 11:57:39 +02:00
parent 0fd1a95405
commit 40dcbedc2a
2 changed files with 26 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
jupyterhub/_version.py
View File

@@ -27,7 +27,7 @@ def _check_version(hub_version, singleuser_version, log):
if hub_version != singleuser_version: if hub_version != singleuser_version:
from distutils.version import LooseVersion as V from distutils.version import LooseVersion as V
hub_major_minor = V(hub_version).version[:2] hub_major_minor = V(hub_version).version[:2]
singleuser_major_minor = V(__version__).version[:2] singleuser_major_minor = V(singleuser_version).version[:2]
if singleuser_major_minor == hub_major_minor: if singleuser_major_minor == hub_major_minor:
# patch-level mismatch or lower, log difference at debug-level # patch-level mismatch or lower, log difference at debug-level
# because this should be fine # because this should be fine
@@ -36,5 +36,7 @@ def _check_version(hub_version, singleuser_version, log):
# log warning-level for more significant mismatch, such as 0.8 vs 0.9, etc. # log warning-level for more significant mismatch, such as 0.8 vs 0.9, etc.
log_method = log.warning log_method = log.warning
log_method("jupyterhub version %s != jupyterhub-singleuser version %s", log_method("jupyterhub version %s != jupyterhub-singleuser version %s",
hub_version, __version__, hub_version, singleuser_version,
) )
else:
log.debug("jupyterhub and jupyterhub-singleuser both on version %s" % hub_version)

24
jupyterhub/singleuser.py
View File

@@ -13,7 +13,7 @@ from jinja2 import ChoiceLoader, FunctionLoader
from tornado.httpclient import AsyncHTTPClient from tornado.httpclient import AsyncHTTPClient
from tornado import gen from tornado import gen
from tornado import ioloop from tornado import ioloop
from tornado.web import HTTPError from tornado.web import HTTPError, RequestHandler
try: try:
import notebook import notebook
@@ -400,8 +400,14 @@ class SingleUserNotebookApp(NotebookApp):
s['hub_prefix'] = self.hub_prefix s['hub_prefix'] = self.hub_prefix
s['hub_host'] = self.hub_host s['hub_host'] = self.hub_host
s['hub_auth'] = self.hub_auth s['hub_auth'] = self.hub_auth
s['csp_report_uri'] = self.hub_host + url_path_join(self.hub_prefix, 'security/csp-report') csp_report_uri = s['csp_report_uri'] = self.hub_host + url_path_join(self.hub_prefix, 'security/csp-report')
s.setdefault('headers', {})['X-JupyterHub-Version'] = __version__ headers = s.setdefault('headers', {})
headers['X-JupyterHub-Version'] = __version__
# set CSP header directly to workaround bugs in jupyter/notebook 5.0
headers.setdefault('Content-Security-Policy', ';'.join([
"frame-ancestors 'self'",
"report-uri " + csp_report_uri,
]))
super(SingleUserNotebookApp, self).init_webapp() super(SingleUserNotebookApp, self).init_webapp()
# add OAuth callback # add OAuth callback
@@ -410,8 +416,20 @@ class SingleUserNotebookApp(NotebookApp):
OAuthCallbackHandler OAuthCallbackHandler
)]) )])
# apply X-JupyterHub-Version to *all* request handlers (even redirects)
self.patch_default_headers()
self.patch_templates() self.patch_templates()
def patch_default_headers(self):
if hasattr(RequestHandler, '_orig_set_default_headers'):
return
RequestHandler._orig_set_default_headers = RequestHandler.set_default_headers
def set_jupyterhub_header(self):
self._orig_set_default_headers()
self.set_header('X-JupyterHub-Version', __version__)
RequestHandler.set_default_headers = set_jupyterhub_header
def patch_templates(self): def patch_templates(self):
"""Patch page templates to add Hub-related buttons""" """Patch page templates to add Hub-related buttons"""