Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

nbgitpuller not working on JupyterHub after latest updates #344

Closed
jrdnbradford opened this issue Mar 28, 2024 · 7 comments · Fixed by #346
Closed

nbgitpuller not working on JupyterHub after latest updates #344

jrdnbradford opened this issue Mar 28, 2024 · 7 comments · Fixed by #346
Labels
bug

Comments

@jrdnbradford
Copy link
Contributor

jrdnbradford commented Mar 28, 2024
edited
Loading

Bug description

nbgitpuller not synchronizing repositories on TLJH after latest JupyterHub updates. Issue occurs when updating already existent TLJH and when it is installed from scratch. I think it has something to do with XSRF/cookie changes in the latest JupyterHub version.

Edit: Z2JH has a similar issue and results in a 404.

See the detailed logs.

How to reproduce

  1. Create a nbgitpuller link via https://nbgitpuller.readthedocs.io or the extension.
  2. Use the link on the latest version of TLJH.

Expected behaviour

Repository should synchronize and then open the UI to the repo directory/file.

Actual behaviour

No sync occurs and the page freezes:
image

Your personal set up

  • OS:
    Ubuntu 22.04
  • Version(s):
    Littlest JupyterHub running JupyterHub 4.1.3
Full environment 
> source /opt/tljh/hub/bin/activate
> pip list
Package                          Version
-------------------------------- ----------
aiohttp                          3.9.1
aiosignal                        1.3.1
alembic                          1.13.1
async-generator                  1.10
async-timeout                    4.0.3
attrs                            23.2.0
backoff                          2.2.1
bcrypt                           4.1.2
cachetools                       5.3.2
certifi                          2023.11.17
certipy                          0.1.3
cffi                             1.16.0
charset-normalizer               3.3.2
cryptography                     41.0.7
escapism                         1.0.1
frozenlist                       1.4.1
google-api-core                  2.15.0
google-api-python-client         2.112.0
google-auth                      2.26.1
google-auth-httplib2             0.2.0
google-auth-oauthlib             1.2.0
googleapis-common-protos         1.62.0
greenlet                         3.0.3
httplib2                         0.22.0
idna                             3.6
Jinja2                           3.1.2
jsonschema                       4.20.0
jsonschema-specifications        2023.12.1
jupyter-telemetry                0.1.0
jupyterhub                       4.1.3
jupyterhub-firstuseauthenticator 1.0.0
jupyterhub-idle-culler           1.3.1
jupyterhub-ldapauthenticator     1.3.2
jupyterhub-nativeauthenticator   1.2.0
jupyterhub-systemdspawner        1.0.1
jupyterhub-tmpauthenticator      1.0.0
jupyterhub-traefik-proxy         1.1.0
ldap3                            2.9.1
Mako                             1.3.0
MarkupSafe                       2.1.3
multidict                        6.0.4
oauthenticator                   16.3.0
oauthlib                         3.2.2
onetimepass                      1.0.1
packaging                        23.2
pamela                           1.1.0
passlib                          1.7.4
pip                              24.0
pluggy                           1.3.0
prometheus-client                0.19.0
protobuf                         4.25.1
pyasn1                           0.5.1
pyasn1-modules                   0.3.0
pycparser                        2.21
pycurl                           7.45.2
PyJWT                            2.8.0
pyOpenSSL                        23.3.0
pyparsing                        3.1.1
python-dateutil                  2.8.2
python-json-logger               2.0.7
referencing                      0.32.1
requests                         2.31.0
requests-oauthlib                1.3.1
rpds-py                          0.16.2
rsa                              4.9
ruamel.yaml                      0.17.40
ruamel.yaml.clib                 0.2.8
setuptools                       59.6.0
six                              1.16.0
SQLAlchemy                       2.0.25
the-littlest-jupyterhub          1.0.0
toml                             0.10.2
tornado                          6.4
traitlets                        5.14.1
typing_extensions                4.9.0
uritemplate                      4.1.1
urllib3                          2.1.0
yarl                             1.9.4

> source /opt/tljh/user/bin/activate 
> pip list
Package                   Version
------------------------- ---------------
aiohttp                   3.9.3
aiosignal                 1.3.1
aiosqlite                 0.19.0
alembic                   1.13.1
annotated-types           0.6.0
anyio                     4.2.0
argon2-cffi               23.1.0
argon2-cffi-bindings      21.2.0
arrow                     1.3.0
asttokens                 2.4.1
async-generator           1.10
async-lru                 2.0.4
async-timeout             4.0.3
attrs                     23.2.0
Babel                     2.14.0
beautifulsoup4            4.12.2
bleach                    6.1.0
brotlipy                  0.7.0
certifi                   2022.12.7
certipy                   0.1.3
cffi                      1.15.1
charset-normalizer        3.1.0
click                     8.1.7
cloudpickle               3.0.0
colorama                  0.4.6
comm                      0.2.1
conda                     23.1.0
conda-package-handling    2.0.2
conda_package_streaming   0.7.0
contourpy                 1.2.0
cryptography              40.0.1
cycler                    0.12.1
dask                      2024.1.1
dataclasses-json          0.6.4
debugpy                   1.8.0
decorator                 5.1.1
deepmerge                 1.1.1
defusedxml                0.7.1
distributed               2024.1.1
et-xmlfile                1.1.0
exceptiongroup            1.2.0
executing                 2.0.1
faiss-cpu                 1.7.4
fastjsonschema            2.19.1
fonttools                 4.47.0
fqdn                      1.5.1
frozenlist                1.4.1
fsspec                    2024.2.0
gitdb                     4.0.11
GitPython                 3.1.40
greenlet                  3.0.3
idna                      3.4
importlib-metadata        7.0.1
ipykernel                 6.28.0
ipython                   8.20.0
ipywidgets                8.1.1
isoduration               20.11.0
jedi                      0.19.1
Jinja2                    3.1.2
joblib                    1.3.2
json5                     0.9.14
jsonpatch                 1.33
jsonpath-ng               1.6.1
jsonpointer               2.4
jsonschema                4.20.0
jsonschema-specifications 2023.12.1
jupyter_ai_magics         2.10.0
jupyter-archive           3.4.0
jupyter_client            8.6.0
jupyter_core              5.7.1
jupyter-events            0.9.0
jupyter-lsp               2.2.1
jupyter-resource-usage    1.0.1
jupyter_server            2.12.2
jupyter-server-mathjax    0.2.6
jupyter_server_terminals  0.5.1
jupyter-telemetry         0.1.0
jupyterhub                4.1.3
jupyterlab                4.0.10
jupyterlab_git            0.50.0
jupyterlab_pygments       0.3.0
jupyterlab_server         2.25.2
jupyterlab-widgets        3.0.9
kiwisolver                1.4.5
langchain                 0.1.5
langchain-community       0.0.19
langchain-core            0.1.21
langsmith                 0.0.87
libmambapy                1.4.1
locket                    1.0.0
Mako                      1.3.0
mamba                     1.4.1
MarkupSafe                2.1.3
marshmallow               3.20.2
matplotlib                3.8.2
matplotlib-inline         0.1.6
mistune                   3.0.2
mizani                    0.9.3
msgpack                   1.0.7
multidict                 6.0.5
mypy-extensions           1.0.0
nbclient                  0.9.0
nbconvert                 7.14.0
nbdime                    4.0.1
nbformat                  5.9.2
nbgitpuller               1.2.0
nest-asyncio              1.5.8
nltk                      3.8.1
notebook                  7.0.6
notebook_shim             0.2.3
numpy                     1.26.3
oauthlib                  3.2.2
openpyxl                  3.1.2
overrides                 7.4.0
packaging                 23.2
pamela                    1.1.0
pandas                    2.1.4
pandocfilters             1.5.0
parso                     0.8.3
partd                     1.4.1
patsy                     0.5.6
pexpect                   4.9.0
pillow                    10.2.0
pip                       23.3.2
platformdirs              4.1.0
plotnine                  0.12.4
pluggy                    1.0.0
ply                       3.11
prometheus-client         0.19.0
prompt-toolkit            3.0.43
psutil                    5.9.7
ptyprocess                0.7.0
pure-eval                 0.2.2
pycosat                   0.6.4
pycparser                 2.21
pydantic                  2.6.1
pydantic_core             2.16.2
Pygments                  2.17.2
pyOpenSSL                 23.1.1
pyparsing                 3.1.1
PySocks                   1.7.1
python-dateutil           2.8.2
python-json-logger        2.0.7
pytz                      2023.3.post1
PyYAML                    6.0.1
pyzmq                     25.1.2
referencing               0.32.1
regex                     2023.12.25
requests                  2.31.0
rfc3339-validator         0.1.4
rfc3986-validator         0.1.1
rpds-py                   0.16.2
ruamel.yaml               0.17.21
ruamel.yaml.clib          0.2.7
scikit-learn              1.3.2
scipy                     1.11.4
Send2Trash                1.8.2
setuptools                65.6.3
six                       1.16.0
smmap                     5.0.1
sniffio                   1.3.0
sortedcontainers          2.4.0
soupsieve                 2.5
SQLAlchemy                2.0.25
stack-data                0.6.3
statsmodels               0.14.1
tblib                     3.0.0
tenacity                  8.2.3
terminado                 0.18.0
threadpoolctl             3.2.0
tiktoken                  0.5.2
tinycss2                  1.2.1
tomli                     2.0.1
toolz                     0.12.0
tornado                   6.4
tqdm                      4.65.0
traitlets                 5.14.1
types-python-dateutil     2.8.19.20240106
typing_extensions         4.9.0
typing-inspect            0.9.0
tzdata                    2023.4
uri-template              1.3.0
urllib3                   1.26.15
wcwidth                   0.2.13
webcolors                 1.13
webencodings              0.5.1
websocket-client          1.7.0
wheel                     0.40.0
widgetsnbextension        4.0.9
yarl                      1.9.4
zict                      3.0.0
zipp                      3.17.0
zstandard                 0.19.0
Configuration Config uses Google OAuthenticator.
Logs

Google Cloud logs reveal a 302:

Mar 28 18:42:07 tljh-instance jupyterhub-singleuser[1055838]: [I 2024-03-28 18:42:07.848 ServerApp] 302 GET /user/USERNAME/oauth_callback?code=[secret]&state=[secret] -> /user/USERNAME/git-pull/api?repo=https%3A%2F%2Fgithub.com%2FUSERNAME%2Ftree_2_df&targetpath=REPO (@136.167.9.181) 49.28ms

Firefox console shows:

Firefox can’t establish a connection to the server at https://<HUB_NAME>/user/USERNAME/git-pull/api?repo=https%3A%2F%2Fgithub.com%2FUSERNAME%2Ftree_2_df&targetpath=REPO.

A ERR_TOO_MANY_REDIRECTS shows up in networking tools.

Also shows important cookie warnings:

Storage access automatically granted for First-Party isolation “https://www.google.com” on “https://HUB_NAME”. git-pull
The resource from “https://HUB_NAME/user/USERNAME/static/style/style.min.css” was blocked due to MIME type (“text/html”) mismatch (X-Content-Type-Options: nosniff). git-pull
Some cookies are misusing the recommended “SameSite“ attribute 31
Cookie “jupyterhub-user-USERNAME-oauth-state” does not have a proper “SameSite” attribute value. Soon, cookies without the “SameSite” attribute or with an invalid value will be treated as “Lax”. This means that the cookie will no longer be sent in third-party contexts. If your application depends on this cookie being available in such contexts, please add the “SameSite=None“ attribute to it. To know more about the “SameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite api
Cookie “jupyterhub-user-USERNAME-oauth-state” does not have a proper “SameSite” attribute value. Soon, cookies without the “SameSite” attribute or with an invalid value will be treated as “Lax”. This means that the cookie will no longer be sent in third-party contexts. If your application depends on this cookie being available in such contexts, please add the “SameSite=None“ attribute to it. To know more about the “SameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite oauth_callback
Cookie “jupyterhub-user-USERNAME” does not have a proper “SameSite” attribute value. Soon, cookies without the “SameSite” attribute or with an invalid value will be treated as “Lax”. This means that the cookie will no longer be sent in third-party contexts. If your application depends on this cookie being available in such contexts, please add the “SameSite=None“ attribute to it. To know more about the “SameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite oauth_callback
Cookie “_xsrf” does not have a proper “SameSite” attribute value. Soon, cookies without the “SameSite” attribute or with an invalid value will be treated as “Lax”. This means that the cookie will no longer be sent in third-party contexts. If your application depends on this cookie being available in such contexts, please add the “SameSite=None“ attribute to it. To know more about the “SameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite oauth_callback
Cookie “jupyterhub-user-USERNAME-oauth-state” does not have a proper “SameSite” attribute value. Soon, cookies without the “SameSite” attribute or with an invalid value will be treated as “Lax”. This means that the cookie will no longer be sent in third-party contexts. If your application depends on this cookie being available in such contexts, please add the “SameSite=None“ attribute to it. To know more about the “SameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite api
Cookie “jupyterhub-user-USERNAME-oauth-state” does not have a proper “SameSite” attribute value. Soon, cookies without the “SameSite” attribute or with an invalid value will be treated as “Lax”. This means that the cookie will no longer be sent in third-party contexts. If your application depends on this cookie being available in such contexts, please add the “SameSite=None“ attribute to it. To know more about the “SameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite oauth_callback
Cookie “jupyterhub-user-USERNAME” does not have a proper “SameSite” attribute value. Soon, cookies without the “SameSite” attribute or with an invalid value will be treated as “Lax”. This means that the cookie will no longer be sent in third-party contexts. If your application depends on this cookie being available in such contexts, please add the “SameSite=None“ attribute to it. To know more about the “SameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite oauth_callback
Cookie “_xsrf” does not have a proper “SameSite” attribute value. Soon, cookies without the “SameSite” attribute or with an invalid value will be treated as “Lax”. This means that the cookie will no longer be sent in third-party contexts. If your application depends on this cookie being available in such contexts, please add the “SameSite=None“ attribute to it. To know more about the “SameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite oauth_callback
Cookie “jupyterhub-user-USERNAME-oauth-state” does not have a proper “SameSite” attribute value. Soon, cookies without the “SameSite” attribute or with an invalid value will be treated as “Lax”. This means that the cookie will no longer be sent in third-party contexts. If your application depends on this cookie being available in such contexts, please add the “SameSite=None“ attribute to it. To know more about the “SameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite api
Cookie “jupyterhub-user-USERNAME-oauth-state” does not have a proper “SameSite” attribute value. Soon, cookies without the “SameSite” attribute or with an invalid value will be treated as “Lax”. This means that the cookie will no longer be sent in third-party contexts. If your application depends on this cookie being available in such contexts, please add the “SameSite=None“ attribute to it. To know more about the “SameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite oauth_callback
Cookie “jupyterhub-user-USERNAME” does not have a proper “SameSite” attribute value. Soon, cookies without the “SameSite” attribute or with an invalid value will be treated as “Lax”. This means that the cookie will no longer be sent in third-party contexts. If your application depends on this cookie being available in such contexts, please add the “SameSite=None“ attribute to it. To know more about the “SameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite oauth_callback
Cookie “_xsrf” does not have a proper “SameSite” attribute value. Soon, cookies without the “SameSite” attribute or with an invalid value will be treated as “Lax”. This means that the cookie will no longer be sent in third-party contexts. If your application depends on this cookie being available in such contexts, please add the “SameSite=None“ attribute to it. To know more about the “SameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite oauth_callback
Cookie “jupyterhub-user-USERNAME-oauth-state” does not have a proper “SameSite” attribute value. Soon, cookies without the “SameSite” attribute or with an invalid value will be treated as “Lax”. This means that the cookie will no longer be sent in third-party contexts. If your application depends on this cookie being available in such contexts, please add the “SameSite=None“ attribute to it. To know more about the “SameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite api
Cookie “jupyterhub-user-USERNAME-oauth-state” does not have a proper “SameSite” attribute value. Soon, cookies without the “SameSite” attribute or with an invalid value will be treated as “Lax”. This means that the cookie will no longer be sent in third-party contexts. If your application depends on this cookie being available in such contexts, please add the “SameSite=None“ attribute to it. To know more about the “SameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite oauth_callback
Cookie “jupyterhub-user-USERNAME” does not have a proper “SameSite” attribute value. Soon, cookies without the “SameSite” attribute or with an invalid value will be treated as “Lax”. This means that the cookie will no longer be sent in third-party contexts. If your application depends on this cookie being available in such contexts, please add the “SameSite=None“ attribute to it. To know more about the “SameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite oauth_callback
Cookie “_xsrf” does not have a proper “SameSite” attribute value. Soon, cookies without the “SameSite” attribute or with an invalid value will be treated as “Lax”. This means that the cookie will no longer be sent in third-party contexts. If your application depends on this cookie being available in such contexts, please add the “SameSite=None“ attribute to it. To know more about the “SameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite oauth_callback
Cookie “jupyterhub-user-USERNAME-oauth-state” does not have a proper “SameSite” attribute value. Soon, cookies without the “SameSite” attribute or with an invalid value will be treated as “Lax”. This means that the cookie will no longer be sent in third-party contexts. If your application depends on this cookie being available in such contexts, please add the “SameSite=None“ attribute to it. To know more about the “SameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite api
Cookie “jupyterhub-user-USERNAME-oauth-state” does not have a proper “SameSite” attribute value. Soon, cookies without the “SameSite” attribute or with an invalid value will be treated as “Lax”. This means that the cookie will no longer be sent in third-party contexts. If your application depends on this cookie being available in such contexts, please add the “SameSite=None“ attribute to it. To know more about the “SameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite oauth_callback
Cookie “jupyterhub-user-USERNAME” does not have a proper “SameSite” attribute value. Soon, cookies without the “SameSite” attribute or with an invalid value will be treated as “Lax”. This means that the cookie will no longer be sent in third-party contexts. If your application depends on this cookie being available in such contexts, please add the “SameSite=None“ attribute to it. To know more about the “SameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite oauth_callback
Cookie “_xsrf” does not have a proper “SameSite” attribute value. Soon, cookies without the “SameSite” attribute or with an invalid value will be treated as “Lax”. This means that the cookie will no longer be sent in third-party contexts. If your application depends on this cookie being available in such contexts, please add the “SameSite=None“ attribute to it. To know more about the “SameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite oauth_callback
Cookie “jupyterhub-user-USERNAME-oauth-state” does not have a proper “SameSite” attribute value. Soon, cookies without the “SameSite” attribute or with an invalid value will be treated as “Lax”. This means that the cookie will no longer be sent in third-party contexts. If your application depends on this cookie being available in such contexts, please add the “SameSite=None“ attribute to it. To know more about the “SameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite api
Cookie “jupyterhub-user-USERNAME-oauth-state” does not have a proper “SameSite” attribute value. Soon, cookies without the “SameSite” attribute or with an invalid value will be treated as “Lax”. This means that the cookie will no longer be sent in third-party contexts. If your application depends on this cookie being available in such contexts, please add the “SameSite=None“ attribute to it. To know more about the “SameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite oauth_callback
Cookie “jupyterhub-user-USERNAME” does not have a proper “SameSite” attribute value. Soon, cookies without the “SameSite” attribute or with an invalid value will be treated as “Lax”. This means that the cookie will no longer be sent in third-party contexts. If your application depends on this cookie being available in such contexts, please add the “SameSite=None“ attribute to it. To know more about the “SameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite oauth_callback
Cookie “_xsrf” does not have a proper “SameSite” attribute value. Soon, cookies without the “SameSite” attribute or with an invalid value will be treated as “Lax”. This means that the cookie will no longer be sent in third-party contexts. If your application depends on this cookie being available in such contexts, please add the “SameSite=None“ attribute to it. To know more about the “SameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite oauth_callback
Cookie “jupyterhub-user-USERNAME-oauth-state” does not have a proper “SameSite” attribute value. Soon, cookies without the “SameSite” attribute or with an invalid value will be treated as “Lax”. This means that the cookie will no longer be sent in third-party contexts. If your application depends on this cookie being available in such contexts, please add the “SameSite=None“ attribute to it. To know more about the “SameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite api
Cookie “jupyterhub-user-USERNAME-oauth-state” does not have a proper “SameSite” attribute value. Soon, cookies without the “SameSite” attribute or with an invalid value will be treated as “Lax”. This means that the cookie will no longer be sent in third-party contexts. If your application depends on this cookie being available in such contexts, please add the “SameSite=None“ attribute to it. To know more about the “SameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite oauth_callback
Cookie “jupyterhub-user-USERNAME” does not have a proper “SameSite” attribute value. Soon, cookies without the “SameSite” attribute or with an invalid value will be treated as “Lax”. This means that the cookie will no longer be sent in third-party contexts. If your application depends on this cookie being available in such contexts, please add the “SameSite=None“ attribute to it. To know more about the “SameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite oauth_callback
Cookie “_xsrf” does not have a proper “SameSite” attribute value. Soon, cookies without the “SameSite” attribute or with an invalid value will be treated as “Lax”. This means that the cookie will no longer be sent in third-party contexts. If your application depends on this cookie being available in such contexts, please add the “SameSite=None“ attribute to it. To know more about the “SameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite oauth_callback
Cookie “jupyterhub-user-USERNAME-oauth-state” does not have a proper “SameSite” attribute value. Soon, cookies without the “SameSite” attribute or with an invalid value will be treated as “Lax”. This means that the cookie will no longer be sent in third-party contexts. If your application depends on this cookie being available in such contexts, please add the “SameSite=None“ attribute to it. To know more about the “SameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite oauth_callback
Cookie “jupyterhub-user-USERNAME” does not have a proper “SameSite” attribute value. Soon, cookies without the “SameSite” attribute or with an invalid value will be treated as “Lax”. This means that the cookie will no longer be sent in third-party contexts. If your application depends on this cookie being available in such contexts, please add the “SameSite=None“ attribute to it. To know more about the “SameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite oauth_callback
Cookie “_xsrf” does not have a proper “SameSite” attribute value. Soon, cookies without the “SameSite” attribute or with an invalid value will be treated as “Lax”. This means that the cookie will no longer be sent in third-party contexts. If your application depends on this cookie being available in such contexts, please add the “SameSite=None“ attribute to it. To know more about the “SameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Headers/Set-Cookie/SameSite oauth_callback
Firefox can’t establish a connection to the server at https://HUB_NAME/user/USERNAME/git-pull/api?repo=https%3A%2F%2Fgithub.com%2FUSERNAME%2FREPO_NAME&targetpath=REPO_NAME&branch=main. gitsync.js:44:27
@welcome Welcome
Copy link

welcome bot commented Mar 28, 2024

Thank you for opening your first issue in this project! Engagement like this is essential for open source projects! 🤗

If you haven't done so already, check out Jupyter's Code of Conduct. Also, please try to follow the issue template as it helps other other community members to contribute more effectively.
welcome
You can meet the other Jovyans by joining our Discourse forum. There is also an intro thread there where you can stop by and say Hi! 👋

Welcome to the Jupyter community! 🎉

@jrdnbradford jrdnbradford changed the title nbgitpuller not working on TLJH after latest JupyterHub updates nbgitpuller not working on JupyterHub after latest updates Mar 28, 2024
@jrdnbradford jrdnbradford mentioned this issue Mar 28, 2024
Merged
@minrk minrk mentioned this issue Mar 28, 2024
Merged
@minrk
Copy link
Member

minrk commented Mar 28, 2024

@jrdnbradford you're absolutely right! This should be fixed by #346.

@jrdnbradford
Copy link
Contributor Author

@minrk awesome. I installed the update but still no luck, getting a 403 error now on TLJH:

Firefox can’t establish a connection to the server at https://HUB_NAME/user/USERNAME/git-pull/api?repo=https%3A%2F%2Fgithub.com%2Fjupyterhub%2Fnbgitpuller&targetpath=nbgitpuller&branch=main. gitsync.js:46:31

@minrk
Copy link
Member

minrk commented Mar 29, 2024

Can you share the server logs, too? Those will be more informative

@jtpio jtpio mentioned this issue Mar 29, 2024
Closed
@jrdnbradford
Copy link
Contributor Author

jrdnbradford commented Mar 29, 2024
edited
Loading

@minrk false alarm. Working now. Tested on another, I needed to clear my cache after install. Thanks!

@minrk
Copy link
Member

minrk commented Mar 29, 2024

Wonderful, thanks for testing and reporting back!

@jrdnbradford jrdnbradford mentioned this issue Mar 29, 2024
Closed
@jrdnbradford
Copy link
Contributor Author

No, thank you! 👍🏼 It's possible that XSRF changes have had other downstream effects besides this one. I also added an issue in https://github.com/jupyter/nbconvert on similar grounds.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

include xsrf token in event stream request minrk/nbgitpuller
2 participants
@minrk @jrdnbradford