##// END OF EJS Templates
Replace cell with %load magic instead of adding cell
Replace cell with %load magic instead of adding cell

File last commit:

r19155:c8ef0165
r19251:f0d7b1ff
Show More
handlers.py
514 lines | 16.8 KiB | text/x-python | PythonLexer
MinRK
rename notebooks service to contents service...
r17524 """Base Tornado handlers for the notebook server."""
Brian E. Granger
Adding new files.
r10641
MinRK
use utils.log.get_logger where appropriate
r17057 # Copyright (c) IPython Development Team.
# Distributed under the terms of the Modified BSD License.
Brian E. Granger
Renaming api handlers and moving FileFindHandler into base handlr.
r10650
Brian E. Granger
Adding JSON error handling and fixing location headers.
r13047 import functools
import json
Brian E. Granger
Renaming api handlers and moving FileFindHandler into base handlr.
r10650 import logging
import os
MinRK
whitelist alphanumeric characters for cookie_name...
r13999 import re
Brian E. Granger
Adding JSON error handling and fixing location headers.
r13047 import sys
Zachary Sailer
changes after session manager code review
r13057 import traceback
MinRK
render custom HTML for error pages
r13939 try:
# py3
from http.client import responses
except ImportError:
from httplib import responses
Brian E. Granger
Renaming api handlers and moving FileFindHandler into base handlr.
r10650
MinRK
render custom HTML for error pages
r13939 from jinja2 import TemplateNotFound
Brian E. Granger
Adding new files.
r10641 from tornado import web
try:
from tornado.log import app_log
except ImportError:
app_log = logging.getLogger()
Bussonnier Matthias
Have /api return the IPython version...
r18291 import IPython
Matthias Bussonnier
Add about dialog in Notebook Help Menu....
r18359 from IPython.utils.sysinfo import get_sys_info
Bussonnier Matthias
Have /api return the IPython version...
r18291
Brian E. Granger
Adding new files.
r10641 from IPython.config import Application
Brian E. Granger
Renaming api handlers and moving FileFindHandler into base handlr.
r10650 from IPython.utils.path import filefind
Thomas Kluyver
Replace references to unicode and basestring
r13353 from IPython.utils.py3compat import string_types
MinRK
move `/files/` redirect to base handlers...
r17533 from IPython.html.utils import is_hidden, url_path_join, url_escape
MinRK
forbid serving hidden files from `/files`
r13174
Kyle Kelley
csp_report_uri caused a cyclic dependency
r19143 from IPython.html.services.security import csp_report_uri
Kyle Kelley
Log CSP violations via report
r19141
Brian E. Granger
Adding new files.
r10641 #-----------------------------------------------------------------------------
# Top-level handlers
#-----------------------------------------------------------------------------
MinRK
whitelist alphanumeric characters for cookie_name...
r13999 non_alphanum = re.compile(r'[^A-Za-z0-9]')
Brian E. Granger
Adding new files.
r10641
Bussonnier Matthias
cache sys-info
r18520 sys_info = json.dumps(get_sys_info())
MinRK
render custom HTML for error pages
r13939 class AuthenticatedHandler(web.RequestHandler):
Brian E. Granger
Adding new files.
r10641 """A RequestHandler with an authenticated user."""
Matthias BUSSONNIER
allow custom headers on all pages
r15584 def set_default_headers(self):
headers = self.settings.get('headers', {})
rgbkrk
Only allow iframe embedding on same origin.
r17235
Kyle Kelley
Adapt headers to using Content Security Policy
r19137 if "Content-Security-Policy" not in headers:
Kyle Kelley
Report CSP violations as warnings.
r19151 headers["Content-Security-Policy"] = (
"frame-ancestors 'self'; "
Kyle Kelley
Clean up default content security policy setup
r19152 # Make sure the report-uri is relative to the base_url
"report-uri " + url_path_join(self.base_url, csp_report_uri) + ";"
Kyle Kelley
Report CSP violations as warnings.
r19151 )
Kyle Kelley
Log CSP violations via report
r19141
# Allow for overriding headers
Matthias BUSSONNIER
allow custom headers on all pages
r15584 for header_name,value in headers.items() :
try:
self.set_header(header_name, value)
Kyle Kelley
Clean up logs, enable debug log for header except
r19147 except Exception as e:
Matthias BUSSONNIER
allow custom headers on all pages
r15584 # tornado raise Exception (not a subclass)
# if method is unsupported (websocket and Access-Control-Allow-Origin
# for example, so just ignore)
Kyle Kelley
Clean up logs, enable debug log for header except
r19147 self.log.debug(e)
Matthias BUSSONNIER
allow custom headers on all pages
r15584
Brian E. Granger
Adding new files.
r10641 def clear_login_cookie(self):
self.clear_cookie(self.cookie_name)
def get_current_user(self):
user_id = self.get_secure_cookie(self.cookie_name)
# For now the user_id should not return empty, but it could eventually
if user_id == '':
user_id = 'anonymous'
if user_id is None:
# prevent extra Invalid cookie sig warnings:
self.clear_login_cookie()
MinRK
remove notebook read-only view...
r11644 if not self.login_available:
Brian E. Granger
Adding new files.
r10641 user_id = 'anonymous'
return user_id
@property
def cookie_name(self):
MinRK
whitelist alphanumeric characters for cookie_name...
r13999 default_cookie_name = non_alphanum.sub('-', 'username-{}'.format(
self.request.host
))
MinRK
base default cookie name on request host+port...
r10783 return self.settings.get('cookie_name', default_cookie_name)
Brian E. Granger
Adding new files.
r10641
@property
def password(self):
"""our password"""
return self.settings.get('password', '')
@property
def logged_in(self):
"""Is a user currently logged in?
"""
user = self.get_current_user()
return (user and not user == 'anonymous')
@property
def login_available(self):
"""May a user proceed to log in?
This returns True if login capability is available, irrespective of
whether the user is already logged in or not.
"""
return bool(self.settings.get('password', ''))
class IPythonHandler(AuthenticatedHandler):
"""IPython-specific extensions to authenticated handling
Mostly property shortcuts to IPython-specific settings.
"""
@property
def config(self):
return self.settings.get('config', None)
@property
def log(self):
"""use the IPython log by default, falling back on tornado's logger"""
if Application.initialized():
return Application.instance().log
else:
return app_log
#---------------------------------------------------------------
# URLs
#---------------------------------------------------------------
@property
Min RK
add '?v=<date>' to require URLs...
r19069 def version_hash(self):
"""The version hash to use for cache hints for static files"""
return self.settings.get('version_hash', '')
@property
Brian E. Granger
Adding new files.
r10641 def mathjax_url(self):
return self.settings.get('mathjax_url', '')
@property
MinRK
s/base_project_url/base_url/...
r15238 def base_url(self):
return self.settings.get('base_url', '/')
MinRK
restore websocket_url configurable...
r17303
@property
def ws_url(self):
return self.settings.get('websocket_url', '')
KesterTong
Adds configuration options to use Google Drive content manager...
r18639
@property
Jeff Hemmelgarn
Move contentmanager to contents
r18643 def contents_js_source(self):
self.log.debug("Using contents: %s", self.settings.get('contents_js_source',
Thomas Kluyver
Move contents API module into services
r18651 'services/contents'))
Thomas Kluyver
Various minor fixes from review
r18659 return self.settings.get('contents_js_source', 'services/contents')
Brian E. Granger
Adding new files.
r10641
#---------------------------------------------------------------
# Manager objects
#---------------------------------------------------------------
@property
def kernel_manager(self):
return self.settings['kernel_manager']
@property
MinRK
rename notebooks service to contents service...
r17524 def contents_manager(self):
return self.settings['contents_manager']
Brian E. Granger
Adding new files.
r10641
@property
def cluster_manager(self):
return self.settings['cluster_manager']
@property
Zachary Sailer
manual rebase base/handlers.py
r12980 def session_manager(self):
return self.settings['session_manager']
@property
Min RK
create new terminals with POST /api/terminals...
r18616 def terminal_manager(self):
return self.settings['terminal_manager']
@property
Thomas Kluyver
Create REST API for kernel specs
r16684 def kernel_spec_manager(self):
return self.settings['kernel_spec_manager']
Thomas Kluyver
First stab at ConfigManager class
r19083 @property
def config_manager(self):
return self.settings['config_manager']
Brian E. Granger
Adding new files.
r10641 #---------------------------------------------------------------
MinRK
make CORS configurable...
r17106 # CORS
#---------------------------------------------------------------
@property
MinRK
s/cors_/allow_/...
r17116 def allow_origin(self):
MinRK
make CORS configurable...
r17106 """Normal Access-Control-Allow-Origin"""
MinRK
s/cors_/allow_/...
r17116 return self.settings.get('allow_origin', '')
MinRK
make CORS configurable...
r17106
@property
MinRK
s/cors_/allow_/...
r17116 def allow_origin_pat(self):
"""Regular expression version of allow_origin"""
return self.settings.get('allow_origin_pat', None)
MinRK
make CORS configurable...
r17106
@property
MinRK
s/cors_/allow_/...
r17116 def allow_credentials(self):
MinRK
make CORS configurable...
r17106 """Whether to set Access-Control-Allow-Credentials"""
MinRK
s/cors_/allow_/...
r17116 return self.settings.get('allow_credentials', False)
MinRK
make CORS configurable...
r17106
def set_default_headers(self):
"""Add CORS headers, if defined"""
super(IPythonHandler, self).set_default_headers()
MinRK
s/cors_/allow_/...
r17116 if self.allow_origin:
self.set_header("Access-Control-Allow-Origin", self.allow_origin)
elif self.allow_origin_pat:
MinRK
make CORS configurable...
r17106 origin = self.get_origin()
MinRK
s/cors_/allow_/...
r17116 if origin and self.allow_origin_pat.match(origin):
MinRK
make CORS configurable...
r17106 self.set_header("Access-Control-Allow-Origin", origin)
MinRK
s/cors_/allow_/...
r17116 if self.allow_credentials:
MinRK
make CORS configurable...
r17106 self.set_header("Access-Control-Allow-Credentials", 'true')
def get_origin(self):
# Handle WebSocket Origin naming convention differences
# The difference between version 8 and 13 is that in 8 the
# client sends a "Sec-Websocket-Origin" header and in 13 it's
# simply "Origin".
if "Origin" in self.request.headers:
origin = self.request.headers.get("Origin")
else:
origin = self.request.headers.get("Sec-Websocket-Origin", None)
return origin
#---------------------------------------------------------------
Brian E. Granger
Adding new files.
r10641 # template rendering
#---------------------------------------------------------------
def get_template(self, name):
"""Return the jinja template object for a given name"""
return self.settings['jinja2_env'].get_template(name)
def render_template(self, name, **ns):
ns.update(self.template_namespace)
template = self.get_template(name)
return template.render(**ns)
@property
def template_namespace(self):
return dict(
MinRK
s/base_project_url/base_url/...
r15238 base_url=self.base_url,
MinRK
restore websocket_url configurable...
r17303 ws_url=self.ws_url,
Brian E. Granger
Adding new files.
r10641 logged_in=self.logged_in,
login_available=self.login_available,
MinRK
restore use of tornado static_url...
r13896 static_url=self.static_url,
KesterTong
Adds configuration options to use Google Drive content manager...
r18639 sys_info=sys_info,
Jeff Hemmelgarn
Move contentmanager to contents
r18643 contents_js_source=self.contents_js_source,
Min RK
add '?v=<date>' to require URLs...
r19069 version_hash=self.version_hash,
Brian E. Granger
Adding new files.
r10641 )
MinRK
restore use of tornado static_url...
r13896
Zachary Sailer
changes after session manager code review
r13057 def get_json_body(self):
"""Return the body of the request as JSON data."""
if not self.request.body:
return None
# Do we need to call body.decode('utf-8') here?
body = self.request.body.strip().decode(u'utf-8')
try:
model = json.loads(body)
MinRK
log exceptions parsing JSON
r13071 except Exception:
self.log.debug("Bad JSON: %r", body)
self.log.error("Couldn't parse JSON", exc_info=True)
Zachary Sailer
changes after session manager code review
r13057 raise web.HTTPError(400, u'Invalid JSON in body of request')
return model
Brian E. Granger
Adding JSON error handling and fixing location headers.
r13047
MinRK
use write_error instead of get_error_html...
r17664 def write_error(self, status_code, **kwargs):
MinRK
render custom HTML for error pages
r13939 """render custom error pages"""
MinRK
use write_error instead of get_error_html...
r17664 exc_info = kwargs.get('exc_info')
MinRK
render custom HTML for error pages
r13939 message = ''
MinRK
be more specific about unknown status codes...
r14045 status_message = responses.get(status_code, 'Unknown HTTP Error')
MinRK
use write_error instead of get_error_html...
r17664 if exc_info:
exception = exc_info[1]
MinRK
render custom HTML for error pages
r13939 # get the custom message, if defined
try:
message = exception.log_message % exception.args
except Exception:
pass
# construct the custom reason, if defined
reason = getattr(exception, 'reason', '')
if reason:
status_message = reason
# build template namespace
ns = dict(
status_code=status_code,
status_message=status_message,
message=message,
exception=exception,
)
MinRK
use write_error instead of get_error_html...
r17664 self.set_header('Content-Type', 'text/html')
MinRK
render custom HTML for error pages
r13939 # render the template
try:
html = self.render_template('%s.html' % status_code, **ns)
except TemplateNotFound:
self.log.debug("No template for %d", status_code)
html = self.render_template('error.html', **ns)
MinRK
use write_error instead of get_error_html...
r17664
self.write(html)
MinRK
render custom HTML for error pages
r13939
class Template404(IPythonHandler):
"""Render our 404 template"""
def prepare(self):
raise web.HTTPError(404)
MinRK
forbid serving hidden files from `/files`
r13174
Brian E. Granger
Adding new files.
r10641 class AuthenticatedFileHandler(IPythonHandler, web.StaticFileHandler):
"""static files should only be accessible when logged in"""
MinRK
remove notebook read-only view...
r11644 @web.authenticated
Brian E. Granger
Adding new files.
r10641 def get(self, path):
Brian E. Granger
Handle notebook downloads through the /files URL.
r13114 if os.path.splitext(path)[1] == '.ipynb':
MinRK
Remove separate 'path', 'name' in Contents API...
r18749 name = path.rsplit('/', 1)[-1]
Brian E. Granger
Handle notebook downloads through the /files URL.
r13114 self.set_header('Content-Type', 'application/json')
self.set_header('Content-Disposition','attachment; filename="%s"' % name)
MinRK
forbid serving hidden files from `/files`
r13174
Brian E. Granger
Adding new files.
r10641 return web.StaticFileHandler.get(self, path)
MinRK
forbid serving hidden files from `/files`
r13174
MinRK
set no-cache header in StaticFileHandlers...
r19068 def set_headers(self):
super(AuthenticatedFileHandler, self).set_headers()
Min RK
don't cache files in static/custom or nbextensions...
r19070 # disable browser caching, rely on 304 replies for savings
MinRK
set no-cache header in StaticFileHandlers...
r19068 if "v" not in self.request.arguments:
self.add_header("Cache-Control", "no-cache")
MinRK
don't compute etags in static file handlers...
r13320 def compute_etag(self):
return None
MinRK
forbid serving hidden files from `/files`
r13174 def validate_absolute_path(self, root, absolute_path):
"""Validate and return the absolute path.
Requires tornado 3.1
Adding to tornado's own handling, forbids the serving of hidden files.
"""
abs_path = super(AuthenticatedFileHandler, self).validate_absolute_path(root, absolute_path)
abs_root = os.path.abspath(root)
Brian E. Granger
Small refactoring of is_hidden to take root as default kwarg.
r15108 if is_hidden(abs_path, abs_root):
Paul Ivanov
log refusal to serve hidden files dirs
r15610 self.log.info("Refusing to serve hidden file, via 404 Error")
Brian E. Granger
404 for hidden files to not revleal their existence.
r15102 raise web.HTTPError(404)
Brian E. Granger
Creating and testing IPython.html.utils.is_hidden.
r15097 return abs_path
Brian E. Granger
More work on the handlers
r10647
Brian E. Granger
Adding JSON error handling and fixing location headers.
r13047 def json_errors(method):
"""Decorate methods with this to return GitHub style JSON errors.
MinRK
update json_errors decorator...
r13065 This should be used on any JSON API on any handler method that can raise HTTPErrors.
Brian E. Granger
Adding JSON error handling and fixing location headers.
r13047
This will grab the latest HTTPError exception using sys.exc_info
and then:
1. Set the HTTP status code based on the HTTPError
2. Create and return a JSON body with a message field describing
the error in a human readable form.
"""
@functools.wraps(method)
def wrapper(self, *args, **kwargs):
try:
result = method(self, *args, **kwargs)
MinRK
update json_errors decorator...
r13065 except web.HTTPError as e:
status = e.status_code
message = e.log_message
MinRK
log error message when API requests fail
r16444 self.log.warn(message)
MinRK
update json_errors decorator...
r13065 self.set_status(e.status_code)
self.finish(json.dumps(dict(message=message)))
except Exception:
self.log.error("Unhandled error in API request", exc_info=True)
status = 500
message = "Unknown server error"
Brian E. Granger
Adding JSON error handling and fixing location headers.
r13047 t, value, tb = sys.exc_info()
self.set_status(status)
Zachary Sailer
changes after session manager code review
r13057 tb_text = ''.join(traceback.format_exception(t, value, tb))
reply = dict(message=message, traceback=tb_text)
MinRK
update json_errors decorator...
r13065 self.finish(json.dumps(reply))
Brian E. Granger
Adding JSON error handling and fixing location headers.
r13047 else:
return result
return wrapper
Brian E. Granger
More work on the handlers
r10647 #-----------------------------------------------------------------------------
Brian E. Granger
Renaming api handlers and moving FileFindHandler into base handlr.
r10650 # File handler
#-----------------------------------------------------------------------------
# to minimize subclass changes:
HTTPError = web.HTTPError
class FileFindHandler(web.StaticFileHandler):
"""subclass of StaticFileHandler for serving files from a search path"""
MinRK
bump minimum tornado version to 3.1.0...
r13313 # cache search results, don't search for files more than once
Brian E. Granger
Renaming api handlers and moving FileFindHandler into base handlr.
r10650 _static_paths = {}
MinRK
set no-cache header in StaticFileHandlers...
r19068 def set_headers(self):
super(FileFindHandler, self).set_headers()
Min RK
don't cache files in static/custom or nbextensions...
r19070 # disable browser caching, rely on 304 replies for savings
if "v" not in self.request.arguments or \
any(self.request.path.startswith(path) for path in self.no_cache_paths):
MinRK
set no-cache header in StaticFileHandlers...
r19068 self.add_header("Cache-Control", "no-cache")
Min RK
don't cache files in static/custom or nbextensions...
r19070 def initialize(self, path, default_filename=None, no_cache_paths=None):
self.no_cache_paths = no_cache_paths or []
Thomas Kluyver
Replace references to unicode and basestring
r13353 if isinstance(path, string_types):
Brian E. Granger
Renaming api handlers and moving FileFindHandler into base handlr.
r10650 path = [path]
MinRK
bump minimum tornado version to 3.1.0...
r13313
self.root = tuple(
MinRK
s/os.path.sep/os.sep/
r13182 os.path.abspath(os.path.expanduser(p)) + os.sep for p in path
Brian E. Granger
Renaming api handlers and moving FileFindHandler into base handlr.
r10650 )
self.default_filename = default_filename
MinRK
don't compute etags in static file handlers...
r13320 def compute_etag(self):
return None
Brian E. Granger
Renaming api handlers and moving FileFindHandler into base handlr.
r10650 @classmethod
MinRK
bump minimum tornado version to 3.1.0...
r13313 def get_absolute_path(cls, roots, path):
Brian E. Granger
Renaming api handlers and moving FileFindHandler into base handlr.
r10650 """locate a file to serve on our static file search path"""
with cls._lock:
if path in cls._static_paths:
return cls._static_paths[path]
try:
abspath = os.path.abspath(filefind(path, roots))
except IOError:
MinRK
raise 404 on not found static file...
r13318 # IOError means not found
MinRK
don't raise 404 in get_absolute_path...
r13897 return ''
MinRK
bump minimum tornado version to 3.1.0...
r13313
Brian E. Granger
Renaming api handlers and moving FileFindHandler into base handlr.
r10650 cls._static_paths[path] = abspath
return abspath
MinRK
bump minimum tornado version to 3.1.0...
r13313 def validate_absolute_path(self, root, absolute_path):
"""check if the file should be served (raises 404, 403, etc.)"""
MinRK
don't raise 404 in get_absolute_path...
r13897 if absolute_path == '':
raise web.HTTPError(404)
MinRK
bump minimum tornado version to 3.1.0...
r13313 for root in self.root:
if (absolute_path + os.sep).startswith(root):
break
Zachary Sailer
changes after session manager code review
r13057
MinRK
bump minimum tornado version to 3.1.0...
r13313 return super(FileFindHandler, self).validate_absolute_path(root, absolute_path)
Brian E. Granger
Renaming api handlers and moving FileFindHandler into base handlr.
r10650
Bussonnier Matthias
Have /api return the IPython version...
r18291 class ApiVersionHandler(IPythonHandler):
@json_errors
def get(self):
# not authenticated, so give as few info as possible
self.finish(json.dumps({"version":IPython.__version__}))
MinRK
Remove separate 'path', 'name' in Contents API...
r18749
MinRK
add TrailingSlashHandler...
r13077 class TrailingSlashHandler(web.RequestHandler):
"""Simple redirect handler that strips trailing slashes
This should be the first, highest priority handler.
"""
def get(self):
self.redirect(self.request.uri.rstrip('/'))
MinRK
Remove separate 'path', 'name' in Contents API...
r18749
post = put = get
MinRK
add TrailingSlashHandler...
r13077
MinRK
move `/files/` redirect to base handlers...
r17533
class FilesRedirectHandler(IPythonHandler):
"""Handler for redirecting relative URLs to the /files/ handler"""
def get(self, path=''):
cm = self.contents_manager
MinRK
Remove separate 'path', 'name' in Contents API...
r18749 if cm.dir_exists(path):
MinRK
move `/files/` redirect to base handlers...
r17533 # it's a *directory*, redirect to /tree
url = url_path_join(self.base_url, 'tree', path)
else:
orig_path = path
# otherwise, redirect to /files
parts = path.split('/')
MinRK
Remove separate 'path', 'name' in Contents API...
r18749 if not cm.file_exists(path=path) and 'files' in parts:
MinRK
move `/files/` redirect to base handlers...
r17533 # redirect without files/ iff it would 404
# this preserves pre-2.0-style 'files/' links
self.log.warn("Deprecated files/ URL: %s", orig_path)
parts.remove('files')
MinRK
Remove separate 'path', 'name' in Contents API...
r18749 path = '/'.join(parts)
MinRK
move `/files/` redirect to base handlers...
r17533
MinRK
Remove separate 'path', 'name' in Contents API...
r18749 if not cm.file_exists(path=path):
MinRK
move `/files/` redirect to base handlers...
r17533 raise web.HTTPError(404)
MinRK
Remove separate 'path', 'name' in Contents API...
r18749 url = url_path_join(self.base_url, 'files', path)
MinRK
move `/files/` redirect to base handlers...
r17533 url = url_escape(url)
self.log.debug("Redirecting %s to %s", self.request.path, url)
self.redirect(url)
Brian E. Granger
Renaming api handlers and moving FileFindHandler into base handlr.
r10650 #-----------------------------------------------------------------------------
Thomas Kluyver
Move notebook URL fragment regexen into IPython.html.base.handlers
r13916 # URL pattern fragments for re-use
#-----------------------------------------------------------------------------
Min RK
fix and test path regexes...
r18757 # path matches any number of `/foo[/bar...]` or just `/` or ''
path_regex = r"(?P<path>(?:(?:/[^/]+)+|/?))"
notebook_path_regex = r"(?P<path>(?:/[^/]+)+\.ipynb)"
Thomas Kluyver
Move notebook URL fragment regexen into IPython.html.base.handlers
r13916
#-----------------------------------------------------------------------------
Brian E. Granger
More work on the handlers
r10647 # URL to handler mappings
#-----------------------------------------------------------------------------
MinRK
add TrailingSlashHandler...
r13077 default_handlers = [
Bussonnier Matthias
Have /api return the IPython version...
r18291 (r".*/", TrailingSlashHandler),
(r"api", ApiVersionHandler)
MinRK
add TrailingSlashHandler...
r13077 ]