upstream/ipython Files · IPython/html/base/zmqhandlers.py

Backport PR : more minor fixes to release scripts...

Backport PR : more minor fixes to release scripts after releasing 2.2.0 - allow `tools/release` to be run from top-level repo dir - upload wheels

MinRK - - Load All Authors

File last commit:

r18089:73796bcf


                r18809:bccd4017

Download file

             zmqhandlers.py
        
                    176 lines
            
             | 5.9 KiB
            
                | text/x-python
            
             |
                PythonLexer
            
             / IPython / html / base / zmqhandlers.py
          
                    History
                
                 |
                  Source
                 | Raw
                 |Copy content
                 |Copy permalink

        Brian E. Granger
    
Moving base ZMQ handlers to base/zmqhandlers.py.

              r10653
            
      """Tornado handlers for WebSocket <-> ZMQ sockets.

      Authors:

      * Brian Granger

      """

      #-----------------------------------------------------------------------------

      #  Copyright (C) 2008-2011  The IPython Development Team

      #

      #  Distributed under the terms of the BSD License.  The full license is in

      #  the file COPYING, distributed as part of this software.

      #-----------------------------------------------------------------------------

      #-----------------------------------------------------------------------------

      # Imports

      #-----------------------------------------------------------------------------

        Thomas Kluyver
    
Update imports for Python 3...

              r13354
            
      try:

        Kyle Kelley
    
Indicate Py3 vs. Py2 codepath.

              r14652
            
          from urllib.parse import urlparse # Py 3

        Kyle Kelley
    
Add Origin Checking.

              r14646
            
      except ImportError:

        Kyle Kelley
    
Indicate Py3 vs. Py2 codepath.

              r14652
            
          from urlparse import urlparse # Py 2

        Kyle Kelley
    
Add Origin Checking.

              r14646
            
      try:

        Thomas Kluyver
    
Update imports for Python 3...

              r13354
            
          from http.cookies import SimpleCookie  # Py 3

      except ImportError:

          from Cookie import SimpleCookie  # Py 2

        Brian E. Granger
    
Moving base ZMQ handlers to base/zmqhandlers.py.

              r10653
            
      import logging

        MinRK
    
Backport PR #6061: make CORS configurable...

              r17153
            
      import tornado

        Brian E. Granger
    
Moving base ZMQ handlers to base/zmqhandlers.py.

              r10653
            
      from tornado import web

      from tornado import websocket

      from zmq.utils import jsonapi

      from IPython.kernel.zmq.session import Session

      from IPython.utils.jsonutil import date_default

        MinRK
    
fix some unicode in zmqhandlers...

              r11330
            
      from IPython.utils.py3compat import PY3, cast_unicode

        Brian E. Granger
    
Moving base ZMQ handlers to base/zmqhandlers.py.

              r10653
            
        Brian E. Granger
    
Updating imports.

              r10667
            
      from .handlers import IPythonHandler

        Brian E. Granger
    
Moving base ZMQ handlers to base/zmqhandlers.py.

              r10653
            
      #-----------------------------------------------------------------------------

      # ZMQ handlers

      #-----------------------------------------------------------------------------

      class ZMQStreamHandler(websocket.WebSocketHandler):

        Kyle Kelley
    
Add Origin Checking.

              r14646
            
        MinRK
    
Backport PR #6061: make CORS configurable...

              r17153
            
          def check_origin(self, origin):

              """Check Origin == Host or Access-Control-Allow-Origin.

        Kyle Kelley
    
Handle variations of name for origin

              r14732
            
        MinRK
    
Backport PR #6061: make CORS configurable...

              r17153
            
              Tornado >= 4 calls this method automatically, raising 403 if it returns False.

              We call it explicitly in `open` on Tornado < 4.

              """

              if self.allow_origin == '*':

                  return True

        Kyle Kelley
    
Handle variations of name for origin

              r14732
            
        Kyle Kelley
    
Performing check only on open.

              r14700
            
              host = self.request.headers.get("Host")

        Kyle Kelley
    
Add Origin Checking.

              r14646
            
        Kyle Kelley
    
Name change to same_origin

              r14703
            
              # If no header is provided, assume we can't verify origin

        MinRK
    
Backport PR #6480: only compare host:port in Websocket.check_origin...

              r18089
            
              if origin is None:

                  self.log.warn("Missing Origin header, rejecting WebSocket connection.")

                  return False

              if host is None:

                  self.log.warn("Missing Host header, rejecting WebSocket connection.")

        Kyle Kelley
    
Name change to same_origin

              r14703
            
                  return False

        Kyle Kelley
    
Verify that headers are set, explicitly

              r14702
            
        MinRK
    
Backport PR #6480: only compare host:port in Websocket.check_origin...

              r18089
            
              origin = origin.lower()

              origin_host = urlparse(origin).netloc

        Kyle Kelley
    
Add Origin Checking.

              r14646
            
        MinRK
    
Backport PR #6061: make CORS configurable...

              r17153
            
              # OK if origin matches host

        MinRK
    
Backport PR #6480: only compare host:port in Websocket.check_origin...

              r18089
            
              if origin_host == host:

        MinRK
    
Backport PR #6061: make CORS configurable...

              r17153
            
                  return True

              # Check CORS headers

              if self.allow_origin:

        MinRK
    
Backport PR #6480: only compare host:port in Websocket.check_origin...

              r18089
            
                  allow = self.allow_origin == origin

        MinRK
    
Backport PR #6061: make CORS configurable...

              r17153
            
              elif self.allow_origin_pat:

        MinRK
    
Backport PR #6480: only compare host:port in Websocket.check_origin...

              r18089
            
                  allow = bool(self.allow_origin_pat.match(origin))

        MinRK
    
Backport PR #6061: make CORS configurable...

              r17153
            
              else:

                  # No CORS headers deny the request

        MinRK
    
Backport PR #6480: only compare host:port in Websocket.check_origin...

              r18089
            
                  allow = False

              if not allow:

                  self.log.warn("Blocking Cross Origin WebSocket Attempt.  Origin: %s, Host: %s",

                      origin, host,

                  )

              return allow

        Kyle Kelley
    
Add Origin Checking.

              r14646
            
        Brian E. Granger
    
Moving base ZMQ handlers to base/zmqhandlers.py.

              r10653
            
          def clear_cookie(self, *args, **kwargs):

              """meaningless for websockets"""

              pass

          def _reserialize_reply(self, msg_list):

              """Reserialize a reply message using JSON.

              This takes the msg list from the ZMQ socket, unserializes it using

              self.session and then serializes the result using JSON. This method

              should be used by self._on_zmq_reply to build messages that can

              be sent back to the browser.

              """

              idents, msg_list = self.session.feed_identities(msg_list)

              msg = self.session.unserialize(msg_list)

              try:

                  msg['header'].pop('date')

              except KeyError:

                  pass

              try:

                  msg['parent_header'].pop('date')

              except KeyError:

                  pass

              msg.pop('buffers')

              return jsonapi.dumps(msg, default=date_default)

          def _on_zmq_reply(self, msg_list):

              # Sometimes this gets triggered when the on_close method is scheduled in the

              # eventloop but hasn't been called.

              if self.stream.closed(): return

              try:

                  msg = self._reserialize_reply(msg_list)

              except Exception:

                  self.log.critical("Malformed message: %r" % msg_list, exc_info=True)

              else:

                  self.write_message(msg)

          def allow_draft76(self):

              """Allow draft 76, until browsers such as Safari update to RFC 6455.

              This has been disabled by default in tornado in release 2.2.0, and

              support will be removed in later versions.

              """

              return True

      class AuthenticatedZMQStreamHandler(ZMQStreamHandler, IPythonHandler):

        MinRK
    
Backport PR #6061: make CORS configurable...

              r17153
            
          def set_default_headers(self):

              """Undo the set_default_headers in IPythonHandler

              which doesn't make sense for websockets

              """

              pass

        Brian E. Granger
    
Moving base ZMQ handlers to base/zmqhandlers.py.

              r10653
            
          def open(self, kernel_id):

        MinRK
    
Backport PR #6003: Set kernel_id before checking websocket...

              r17051
            
              self.kernel_id = cast_unicode(kernel_id, 'ascii')

        Kyle Kelley
    
Performing check only on open.

              r14700
            
              # Check to see that origin matches host directly, including ports

        MinRK
    
Backport PR #6061: make CORS configurable...

              r17153
            
              # Tornado 4 already does CORS checking

              if tornado.version_info[0] < 4:

                  if not self.check_origin(self.get_origin()):

                      raise web.HTTPError(403)

        Kyle Kelley
    
Performing check only on open.

              r14700
            
        MinRK
    
don't use parent=self in handlers...

              r11105
            
              self.session = Session(config=self.config)

        Brian E. Granger
    
Moving base ZMQ handlers to base/zmqhandlers.py.

              r10653
            
              self.save_on_message = self.on_message

              self.on_message = self.on_first_message

          def _inject_cookie_message(self, msg):

              """Inject the first message, which is the document cookie,

              for authentication."""

              if not PY3 and isinstance(msg, unicode):

                  # Cookie constructor doesn't accept unicode strings

                  # under Python 2.x for some reason

                  msg = msg.encode('utf8', 'replace')

              try:

                  identity, msg = msg.split(':', 1)

        MinRK
    
fix some unicode in zmqhandlers...

              r11330
            
                  self.session.session = cast_unicode(identity, 'ascii')

        Brian E. Granger
    
Moving base ZMQ handlers to base/zmqhandlers.py.

              r10653
            
              except Exception:

                  logging.error("First ws message didn't have the form 'identity:[cookie]' - %r", msg)

              try:

        Thomas Kluyver
    
Update imports for Python 3...

              r13354
            
                  self.request._cookies = SimpleCookie(msg)

        Brian E. Granger
    
Moving base ZMQ handlers to base/zmqhandlers.py.

              r10653
            
              except:

                  self.log.warn("couldn't parse cookie string: %s",msg, exc_info=True)

          def on_first_message(self, msg):

              self._inject_cookie_message(msg)

              if self.get_current_user() is None:

                  self.log.warn("Couldn't authenticate WebSocket connection")

                  raise web.HTTPError(403)

        Kyle Kelley
    
Performing check only on open.

              r14700
            
              self.on_message = self.save_on_message

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages

Brian E. Granger Moving base ZMQ handlers to base/zmqhandlers.py.	r10653	"""Tornado handlers for WebSocket <-> ZMQ sockets.

		Authors:

		* Brian Granger
		"""

		#-----------------------------------------------------------------------------
		# Copyright (C) 2008-2011 The IPython Development Team
		#
		# Distributed under the terms of the BSD License. The full license is in
		# the file COPYING, distributed as part of this software.
		#-----------------------------------------------------------------------------

		#-----------------------------------------------------------------------------
		# Imports
		#-----------------------------------------------------------------------------

Thomas Kluyver Update imports for Python 3...	r13354	try:
Kyle Kelley Indicate Py3 vs. Py2 codepath.	r14652	from urllib.parse import urlparse # Py 3
Kyle Kelley Add Origin Checking.	r14646	except ImportError:
Kyle Kelley Indicate Py3 vs. Py2 codepath.	r14652	from urlparse import urlparse # Py 2
Kyle Kelley Add Origin Checking.	r14646
		try:
Thomas Kluyver Update imports for Python 3...	r13354	from http.cookies import SimpleCookie # Py 3
		except ImportError:
		from Cookie import SimpleCookie # Py 2
Brian E. Granger Moving base ZMQ handlers to base/zmqhandlers.py.	r10653	import logging
MinRK Backport PR #6061: make CORS configurable...	r17153
		import tornado
Brian E. Granger Moving base ZMQ handlers to base/zmqhandlers.py.	r10653	from tornado import web
		from tornado import websocket

		from zmq.utils import jsonapi

		from IPython.kernel.zmq.session import Session
		from IPython.utils.jsonutil import date_default
MinRK fix some unicode in zmqhandlers...	r11330	from IPython.utils.py3compat import PY3, cast_unicode
Brian E. Granger Moving base ZMQ handlers to base/zmqhandlers.py.	r10653
Brian E. Granger Updating imports.	r10667	from .handlers import IPythonHandler
Brian E. Granger Moving base ZMQ handlers to base/zmqhandlers.py.	r10653
		#-----------------------------------------------------------------------------
		# ZMQ handlers
		#-----------------------------------------------------------------------------

		class ZMQStreamHandler(websocket.WebSocketHandler):
Kyle Kelley Add Origin Checking.	r14646
MinRK Backport PR #6061: make CORS configurable...	r17153	def check_origin(self, origin):
		"""Check Origin == Host or Access-Control-Allow-Origin.
Kyle Kelley Handle variations of name for origin	r14732
MinRK Backport PR #6061: make CORS configurable...	r17153	Tornado >= 4 calls this method automatically, raising 403 if it returns False.
		We call it explicitly in `open` on Tornado < 4.
		"""
		if self.allow_origin == '*':
		return True
Kyle Kelley Handle variations of name for origin	r14732
Kyle Kelley Performing check only on open.	r14700	host = self.request.headers.get("Host")
Kyle Kelley Add Origin Checking.	r14646
Kyle Kelley Name change to same_origin	r14703	# If no header is provided, assume we can't verify origin
MinRK Backport PR #6480: only compare host:port in Websocket.check_origin...	r18089	if origin is None:
		self.log.warn("Missing Origin header, rejecting WebSocket connection.")
		return False
		if host is None:
		self.log.warn("Missing Host header, rejecting WebSocket connection.")
Kyle Kelley Name change to same_origin	r14703	return False
Kyle Kelley Verify that headers are set, explicitly	r14702
MinRK Backport PR #6480: only compare host:port in Websocket.check_origin...	r18089	origin = origin.lower()
		origin_host = urlparse(origin).netloc
Kyle Kelley Add Origin Checking.	r14646
MinRK Backport PR #6061: make CORS configurable...	r17153	# OK if origin matches host
MinRK Backport PR #6480: only compare host:port in Websocket.check_origin...	r18089	if origin_host == host:
MinRK Backport PR #6061: make CORS configurable...	r17153	return True

		# Check CORS headers
		if self.allow_origin:
MinRK Backport PR #6480: only compare host:port in Websocket.check_origin...	r18089	allow = self.allow_origin == origin
MinRK Backport PR #6061: make CORS configurable...	r17153	elif self.allow_origin_pat:
MinRK Backport PR #6480: only compare host:port in Websocket.check_origin...	r18089	allow = bool(self.allow_origin_pat.match(origin))
MinRK Backport PR #6061: make CORS configurable...	r17153	else:
		# No CORS headers deny the request
MinRK Backport PR #6480: only compare host:port in Websocket.check_origin...	r18089	allow = False
		if not allow:
		self.log.warn("Blocking Cross Origin WebSocket Attempt. Origin: %s, Host: %s",
		origin, host,
		)
		return allow
Kyle Kelley Add Origin Checking.	r14646
Brian E. Granger Moving base ZMQ handlers to base/zmqhandlers.py.	r10653	def clear_cookie(self, args, *kwargs):
		"""meaningless for websockets"""
		pass

		def _reserialize_reply(self, msg_list):
		"""Reserialize a reply message using JSON.

		This takes the msg list from the ZMQ socket, unserializes it using
		self.session and then serializes the result using JSON. This method
		should be used by self._on_zmq_reply to build messages that can
		be sent back to the browser.
		"""
		idents, msg_list = self.session.feed_identities(msg_list)
		msg = self.session.unserialize(msg_list)
		try:
		msg['header'].pop('date')
		except KeyError:
		pass
		try:
		msg['parent_header'].pop('date')
		except KeyError:
		pass
		msg.pop('buffers')
		return jsonapi.dumps(msg, default=date_default)

		def _on_zmq_reply(self, msg_list):
		# Sometimes this gets triggered when the on_close method is scheduled in the
		# eventloop but hasn't been called.
		if self.stream.closed(): return
		try:
		msg = self._reserialize_reply(msg_list)
		except Exception:
		self.log.critical("Malformed message: %r" % msg_list, exc_info=True)
		else:
		self.write_message(msg)

		def allow_draft76(self):
		"""Allow draft 76, until browsers such as Safari update to RFC 6455.

		This has been disabled by default in tornado in release 2.2.0, and
		support will be removed in later versions.
		"""
		return True


		class AuthenticatedZMQStreamHandler(ZMQStreamHandler, IPythonHandler):
MinRK Backport PR #6061: make CORS configurable...	r17153	def set_default_headers(self):
		"""Undo the set_default_headers in IPythonHandler

		which doesn't make sense for websockets
		"""
		pass
Brian E. Granger Moving base ZMQ handlers to base/zmqhandlers.py.	r10653
		def open(self, kernel_id):
MinRK Backport PR #6003: Set kernel_id before checking websocket...	r17051	self.kernel_id = cast_unicode(kernel_id, 'ascii')
Kyle Kelley Performing check only on open.	r14700	# Check to see that origin matches host directly, including ports
MinRK Backport PR #6061: make CORS configurable...	r17153	# Tornado 4 already does CORS checking
		if tornado.version_info[0] < 4:
		if not self.check_origin(self.get_origin()):
		raise web.HTTPError(403)
Kyle Kelley Performing check only on open.	r14700
MinRK don't use parent=self in handlers...	r11105	self.session = Session(config=self.config)
Brian E. Granger Moving base ZMQ handlers to base/zmqhandlers.py.	r10653	self.save_on_message = self.on_message
		self.on_message = self.on_first_message

		def _inject_cookie_message(self, msg):
		"""Inject the first message, which is the document cookie,
		for authentication."""
		if not PY3 and isinstance(msg, unicode):
		# Cookie constructor doesn't accept unicode strings
		# under Python 2.x for some reason
		msg = msg.encode('utf8', 'replace')
		try:
		identity, msg = msg.split(':', 1)
MinRK fix some unicode in zmqhandlers...	r11330	self.session.session = cast_unicode(identity, 'ascii')
Brian E. Granger Moving base ZMQ handlers to base/zmqhandlers.py.	r10653	except Exception:
		logging.error("First ws message didn't have the form 'identity:[cookie]' - %r", msg)

		try:
Thomas Kluyver Update imports for Python 3...	r13354	self.request._cookies = SimpleCookie(msg)
Brian E. Granger Moving base ZMQ handlers to base/zmqhandlers.py.	r10653	except:
		self.log.warn("couldn't parse cookie string: %s",msg, exc_info=True)

		def on_first_message(self, msg):
		self._inject_cookie_message(msg)
		if self.get_current_user() is None:
		self.log.warn("Couldn't authenticate WebSocket connection")
		raise web.HTTPError(403)
Kyle Kelley Performing check only on open.	r14700	self.on_message = self.save_on_message