
Download file functionality is broken in notebook packages version 5.7.6+ (5.7.7, 5.7.8) #4541

Open
b0noI opened this issue Apr 2, 2019 · 18 comments

Comments

@b0noI

b0noI commented Apr 2, 2019

Original bug: jupyterlab/jupyterlab#6149

Reproduce:

  • start JupyterLab with notebook 5.7.6+
  • try to download file

Observed behavior:

  • failed - forbidden (on all browsers except Safari)

XSRF protection should be switched on

@ThewBear
Contributor

ThewBear commented Apr 4, 2019

I think it comes from

```python
def check_xsrf_cookie(self):
    """Bypass xsrf cookie checks when token-authenticated"""
    if self.token_authenticated or self.settings.get('disable_check_xsrf', False):
        # Token-authenticated requests do not need additional XSRF-check
        # Servers without authentication are vulnerable to XSRF
        return
    try:
        return super(IPythonHandler, self).check_xsrf_cookie()
    except web.HTTPError as e:
        if self.request.method in {'GET', 'HEAD'}:
            # Consider Referer a sufficient cross-origin check for GET requests
            if not self.check_referer():
                referer = self.request.headers.get('Referer')
                if referer:
                    msg = "Blocking Cross Origin request from {}.".format(referer)
                else:
                    msg = "Blocking request from unknown origin"
                raise web.HTTPError(403, msg)
        else:
            raise
```

@sangramga

@minrk I am facing the same issue on Chrome and Firefox. Any way around this?

@sangramga

sangramga commented May 24, 2019

The same issue can be reproduced (on all Chrome and Firefox browsers) when JupyterHub is hosted behind an Nginx reverse proxy on domain "https://test.domain.com" and the internal IP where JupyterHub and the notebooks are hosted is 10.0.0.128:8000. The notebook servers are spawned in Docker containers.

Here the Referer: https://test.domain.com and Host: 10.0.0.128:8000
When I try to download a file from the single-user notebook server, I get the following error logs:

```
[W 2019-05-24 05:14:56.119 SingleUserNotebookApp handlers:442] Blocking Cross Origin request for /ns/user/user1/files/sampleDlsdata.csv.  Referer: https://test.domain.com, Host: 10.0.0.128:8000
[W 2019-05-24 05:14:56.120 SingleUserNotebookApp web:1667] 403 GET /ns/user/user1/files/sampleDlsdata.csv?download=1 (::ffff:10.0.0.109): Blocking Cross Origin request from https://test.domain.com/ns/user/user1/tree.
[D 2019-05-24 05:14:56.120 SingleUserNotebookApp handlers:260] Using contents: services/contents
[D 2019-05-24 05:14:56.120 SingleUserNotebookApp handlers:260] Using contents: services/contents
[W 2019-05-24 05:14:56.125 SingleUserNotebookApp log:122] 403 GET /ns/user/user1/files/sampleDlsdata.csv?download=1 (tenant1admin@::ffff:10.0.0.109) 6.55ms
```

This may be caused by check_xsrf_cookie() in notebook/files/handlers.py in this commit d7becaf as mentioned by @thebear44.

Also this commit 7f7bfee, which mentions that /files/ must be downloaded from the same host, which is not possible when running jupyter notebook behind a reverse proxy. NotebookApp.allow_origin = "*" also has no effect on the check_referer() method, since it checks self.allow_origin == origin.

sangramga referenced this issue May 24, 2019
- /files/ downloads must come from a local page (no direct visits or external links)
- same for /api/ requests
- disabling xsrf checks
@minrk
Member

minrk commented May 24, 2019

> /files/ must be downloaded from the same host - which is not possible when running jupyter notebook behind a reverse proxy.

This statement is not correct. All JupyterHub deployments are run behind a reverse proxy and do not have an issue. The reverse proxy, however, should preserve the Host header of the proxied request, not modify it.

Setting allow_origin = * is an extremely insecure way to avoid this issue, since it opens up your deployment to cross-origin scripting (there's a reason for this check!). Preserving the Host header in the proxy properly is the right fix for this, not disabling security features.

In nginx, this is:

proxy_set_header Host $host;

In Apache:

ProxyPreserveHost On
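As an added illustration of why preserving the Host header is the fix (this is example code written for this page, not the notebook project's own implementation): a stand-alone Python model of the GET fallback shown in the check_xsrf_cookie snippet earlier in the thread, reconstructed from the behaviour and the warning text quoted above, with the proxy set-ups under discussion run through it. The Request class, the hostnames and paths, the pinned-Referer scenario and the exact match on allow_origin are assumptions made for the example.

```python
# Added example for this issue thread: a stand-alone model of the notebook
# server's Referer/Host fallback for GET requests, written from the
# behaviour and log lines quoted above.  It is NOT the notebook project's
# own code; the Request class, header values and hostnames are constructed.
import re
from urllib.parse import urlparse


class Request:
    """Stand-in for the tornado request object (constructed for this example)."""

    def __init__(self, method, path, headers, token_authenticated=False, xsrf_ok=False):
        self.method = method
        self.path = path
        self.headers = headers                  # header name -> value as the server receives it
        self.token_authenticated = token_authenticated
        self.xsrf_ok = xsrf_ok                  # result of the _xsrf cookie/argument comparison


def check_referer(req, allow_origin="", allow_origin_pat=None):
    """Referer-vs-Host check; returns (allowed, warning)."""
    host = req.headers.get("Host")
    referer = req.headers.get("Referer")
    if not host:
        return False, "Blocking request with no host"
    if not referer:
        return False, "Blocking request with no referer"
    referer_url = urlparse(referer)
    referer_host = referer_url.netloc
    if referer_host == host:
        # The linking page was served under the same host: a local page.
        return True, ""
    # Cross-host: apply the CORS settings to the Referer's *origin*.  The
    # comparison is exact, so allow_origin='*' matches nothing here.
    origin = "{}://{}".format(referer_url.scheme, referer_host)
    if allow_origin:
        allow = allow_origin == origin
    elif allow_origin_pat:
        allow = bool(re.match(allow_origin_pat, origin))
    else:
        allow = False
    warning = "" if allow else (
        "Blocking Cross Origin request for {}.  Referer: {}, Host: {}"
        .format(req.path, origin, host))
    return allow, warning


def check_xsrf_cookie(req, disable_check_xsrf=False, **cors):
    """Order of checks from the snippet quoted earlier; returns (allowed, warning)."""
    if req.token_authenticated or disable_check_xsrf:
        return True, ""                         # token auth: no XSRF check needed
    if req.xsrf_ok:
        return True, ""                         # cookie matched the argument/header
    if req.method in {"GET", "HEAD"}:
        return check_referer(req, **cors)       # Referer is the fallback for GET/HEAD
    return False, "XSRF cookie does not match"  # POST etc. stays blocked


FILE = "/ns/user/user1/files/sampleDlsdata.csv"
PAGE = "https://test.domain.com/ns/user/user1/tree"


def scenarios():
    """Constructed requests for the proxy set-ups discussed in this thread."""
    return {
        # proxy_set_header Host $host; (nginx) / ProxyPreserveHost On (Apache)
        "host_preserved": Request("GET", FILE, {"Host": "test.domain.com", "Referer": PAGE}),
        # proxy rewrote Host to the upstream address
        "host_rewritten": Request("GET", FILE, {"Host": "10.0.0.128:8000", "Referer": PAGE}),
        # proxy (or a direct visit / external link) sent no Referer
        "no_referer": Request("GET", FILE, {"Host": "test.domain.com"}),
        # same directive listed twice: both values arrive, joined with a comma
        "duplicate_host": Request("GET", FILE, {"Host": "foo.example.com,foo.example.com",
                                                "Referer": "https://foo.example.com/tree"}),
        # a proxy that pins Referer to a fixed same-host value (assumed set-up):
        # the check can no longer tell a local page from a third-party site
        "pinned_referer": Request("GET", FILE, {"Host": "localhost:8888",
                                                "Referer": "http://localhost:8888"}),
        # ?token= authenticated request: Referer/Host are not consulted at all
        "token_auth": Request("GET", FILE, {"Host": "10.0.0.128:8000", "Referer": PAGE},
                              token_authenticated=True),
    }


def evaluate(allow_origin=""):
    """Map scenario name -> allowed, under a given allow_origin setting."""
    return {name: check_xsrf_cookie(req, allow_origin=allow_origin)[0]
            for name, req in scenarios().items()}


if __name__ == "__main__":
    for setting in ("", "*", "https://test.domain.com"):
        print("allow_origin={!r}".format(setting))
        for name, req in scenarios().items():
            allowed, warning = check_xsrf_cookie(req, allow_origin=setting)
            print("  {:<16} {}  {}".format(name, "allow" if allowed else "403  ", warning))
```

With Host preserved, Referer and Host agree and the download is treated as a link from a local page; with Host rewritten to the upstream address the comparison fails and the warning is the one quoted above. allow_origin = '*' does not rescue the rewritten case because the origin comparison is exact, whereas the exact origin does. The pinned_referer scenario is the caveat: forcing a same-host Referer at the proxy makes every request look local, including one started from a third-party page, which is precisely the cross-site inclusion the check exists to block.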

@rubenanapu

rubenanapu commented Jul 16, 2019

I still keep getting this error on nginx

The important error messages are:

[W 12:12:41.989 NotebookApp] Blocking request with no referer
[W 12:12:41.989 NotebookApp] 403 GET /jupyter/files/img/cafe1.png (172.18.0.1): Blocking request from unknown origin
...
403 GET /jupyter/files/img/cafe1.png (172.18.0.1) 23.27ms referer=None

on the Nginx settings I have:

```nginx
location /jupyter {
    add_header 'Access-Control-Allow-Origin' '*';
    proxy_pass http://localhost:11317/jupyter;
    proxy_set_header Host $host;
}
```

I already restarted Jupyter Docker and nginx.
I also tried loading the image in an incognito browser tab, but no success yet.

I even have the settings below on jupyter_notebook_config.py

c.NotebookApp.allow_origin = '*' 

c.NotebookApp.token = ''
c.NotebookApp.allow_remote_access = True

I tested using Chrome and Firefox.

Does anybody know how to make that work with the settings I provided here?

@rubenanapu

Ok, I could bypass the problem by installing Anaconda3-2018.12-Linux-x86_64.sh instead of Anaconda3-2019.03-Linux-x86_64.sh.

The latter was the one giving this error.

@lmeyerov

Just got hit by this as well, unclear why. We already have Host for nginx and conda ~latest (via https://repo.continuum.io/miniconda/Miniconda3-latest-Linux-x86_64.sh).

@lmeyerov

Further info: download .py path works as expected, but not .ipynb

@alisdt
Copy link

alisdt commented Aug 27, 2019

Our JupyterHub deployment is affected by this. Setting

ProxyPreserveHost On

in the Apache config doesn't work, the head of the main Jupyter page appears but there's no file list. There are other "Blocking Cross Origin API request" errors in the JupyterHub log so I presume this has broken things elsewhere.

@lmeyerov

Likely same issue: jupyterlab/jupyterlab#6149

@lmeyerov

Confirmed downgrading to 5.7.5 fixes this issue. (We're blocked on other Jupyter bugs for upgrading beyond it.)

@raimundomartins

I was having the same issue on jupyter-notebook : 6.0.0 and was able to fix it by adding proxy_set_header Host $host; to my nginx conf. Previously it was proxy_set_header Host https://localhost; due to some "tutorial".
I am not aware of the security implications of this (hope they are none) nor if this is a real solution, but it certainly solved my problem.

@prusswan

prusswan commented May 8, 2020

I had this issue with Jupyter notebook 6.0.3. On top of Host header, I had to set Referer and CORS as well:

```nginx
proxy_set_header Referer http://$host;
add_header 'Access-Control-Allow-Origin' "$http_origin";
```

@smcl

smcl commented Nov 14, 2020

Just adding what my solution was - I was seeing this 403 error being thrown by Jupyter even though I had set everything correctly (even NotebookApp.allow_origin = "*" wasn't working). After a lot of head-scratching I looked more closely at the log file entries I was seeing:

Nov 14 14:03:35 aviemore jupyter[9021]: [W 14:03:35.684 NotebookApp] Blocking Cross Origin request for /files/testimage.png.  Referer: https://foo.example.com, Host: foo.example.com,foo.example.com

Notice how the value of the Host header is foo.example.com,foo.example.com? This is wrong - what's happened is that I run Jupyter behind nginx as a reverse proxy and I accidentally included two instances of the line proxy_set_header Host $host; What I needed to do was just remove one of the duplicate entries.

@jakubLangr

Hello, I have been through this and jupyter/jupyter#79 as well as the Jupyter forums and have not been able to find out what to do to fix it. I vaguely remember running this as jupyter notebook --NotebookApp.allow_origin=* working in the past. Am I doing it wrong, or is there another reason why I am getting my images as 302?

@smcl

smcl commented Dec 24, 2020

@jakubLangr what log entries do you see for the failing requests? Are you running it standalone or behind nginx?

@jakubLangr

@smcl in the CLI I only see:

```
[I 13:37:27.089 NotebookApp] 302 GET /files/web/images/epoch002_rec_B.png (127.0.0.1) 0.51ms
```

I am running it just standalone, but running it remotely and tunneling in via SSH.

@sdbbs

sdbbs commented Sep 13, 2021

Just to comment on this: I have a Jupyter Notebook installation on an Ubuntu 20.04 Apache server; currently using these versions:

```python
import jupyter
import notebook
print("jupyter v.{}, notebook v.{}".format(jupyter.__version__, notebook.__version__))
```

```
jupyter v.1.0.0, notebook v.6.4.3
```

Basically, download worked for me for .ipynb files, but I got 403 Forbidden when downloading .py files. I have a proxy set up in my /etc/apache2/sites-available/mysite-ssl.conf (I also got this kind of setup from some tutorial), to which I added ProxyPreserveHost On (as per the discussion in this thread) at these two locations:

```apache
...
  <Location /subdir/jup>
    # ....
    # ADDED (Apache does not allow a comment after a directive on the same line)
    ProxyPreserveHost On
    ProxyPass        http://localhost:8888/subdir/jup
    ProxyPassReverse http://localhost:8888/subdir/jup
    ProxyPassReverseCookieDomain localhost mysite.com
    RequestHeader set Origin "http://localhost:8888"
    # ...
  </Location>
  <Location /subdir/jup/api/kernels/>
    # ADDED
    ProxyPreserveHost On
    ProxyPass        ws://localhost:8888/subdir/jup/api/kernels/
    ProxyPassReverse ws://localhost:8888/subdir/jup/api/kernels/
  </Location>
...
```

Once I added these ProxyPreserveHost On, now I get 403 on my entire Jupyter installation! 😒 And I could see in /var/log/syslog:

Sep 13 05:43:07 mysrv jupyter-notebook[15512]: [W 05:43:07.487 NotebookApp] Blocking request with non-local 'Host' mysite.com (mysite.com). If the notebook should be accessible at that name, set NotebookApp.allow_remote_access to disable the check.

Without the ProxyPreserveHost On, the error message is:

Sep 13 05:52:24 mysrv jupyter-notebook[15512]: [W 05:52:24.180 NotebookApp] Blocking Cross Origin request for /subdir/jup/files/myfile.py.  Referer: https://mysite.com, Host: localhost:8888

So, I finally solved this (i.e. got the .py files to download without a 403) by simply adding a RequestHeader set referer line (I got a hint for that from https://benjaminhorn.io/code/apache-reverse-proxy/) in the mysite-ssl.conf file:

```apache
...
  <Location /subdir/jup>
    # ....
    # ADDED
    ProxyPreserveHost On
    ProxyPass        http://localhost:8888/subdir/jup
    ProxyPassReverse http://localhost:8888/subdir/jup
    ProxyPassReverseCookieDomain localhost mysite.com
    RequestHeader set Origin "http://localhost:8888"
    RequestHeader set referer "http://localhost:8888"
    # ...
  </Location>
...
```

Hope this helps someone!
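An added triage script for the warnings quoted throughout this thread (sangramga's rewritten Host, rubenanapu's missing Referer, smcl's doubled Host header, and the two Apache messages just above), written for this page and not taken from the notebook project. It reads the server's own warning lines, works out which proxy problem each one points at, and names the fix discussed here. SAMPLE_LOG is assembled from log lines quoted in the thread; the private-address heuristic, the 302 interpretation and the hint texts are this example's own assumptions.

```python
# Added example for this issue thread (not code from the notebook project):
# classify the notebook server's 403/302 warnings quoted in the replies
# above and map each to the proxy misconfiguration it indicates.
import re

# Warning formats exactly as they appear in the log lines quoted in this thread.
CROSS_ORIGIN = re.compile(
    r"Blocking Cross Origin request for (?P<path>\S+)\.\s+"
    r"Referer: (?P<referer>\S+), Host: (?P<host>\S+)$")
NO_REFERER = re.compile(r"Blocking request with no referer")
NON_LOCAL_HOST = re.compile(r"Blocking request with non-local 'Host' (?P<host>\S+)")
REDIRECT = re.compile(r"\] 302 GET (?P<path>/\S*files/\S+)")
# Heuristic (this example's assumption): a Host that is a loopback or private
# address is what a reverse proxy substitutes for the public name.
UPSTREAM_HOST = re.compile(
    r"^(localhost|127\.|10\.|192\.168\.|172\.(1[6-9]|2\d|3[01])\.)")

# Constructed from log lines quoted in this thread, in thread order.
SAMPLE_LOG = """\
[W 2019-05-24 05:14:56.119 SingleUserNotebookApp handlers:442] Blocking Cross Origin request for /ns/user/user1/files/sampleDlsdata.csv.  Referer: https://test.domain.com, Host: 10.0.0.128:8000
[W 12:12:41.989 NotebookApp] Blocking request with no referer
[W 14:03:35.684 NotebookApp] Blocking Cross Origin request for /files/testimage.png.  Referer: https://foo.example.com, Host: foo.example.com,foo.example.com
[W 05:43:07.487 NotebookApp] Blocking request with non-local 'Host' mysite.com (mysite.com). If the notebook should be accessible at that name, set NotebookApp.allow_remote_access to disable the check.
[W 05:52:24.180 NotebookApp] Blocking Cross Origin request for /subdir/jup/files/myfile.py.  Referer: https://mysite.com, Host: localhost:8888
[I 13:37:27.089 NotebookApp] 302 GET /files/web/images/epoch002_rec_B.png (127.0.0.1) 0.51ms
"""


def classify(line):
    """Return (kind, hint) for a recognised warning line, or None for any other line."""
    m = CROSS_ORIGIN.search(line)
    if m:
        host = m.group("host")
        if "," in host:
            return ("duplicate-host",
                    "Host arrived twice and was joined with ',': remove the "
                    "duplicated proxy_set_header Host line")
        if UPSTREAM_HOST.match(host):
            return ("host-rewritten",
                    "the proxy replaced Host with the upstream address: use "
                    "proxy_set_header Host $host; (nginx) or ProxyPreserveHost On (Apache)")
        return ("cross-origin",
                "a page on another origin linked to this file: if that is legitimate, "
                "allow that exact origin via allow_origin, never '*'")
    if NO_REFERER.search(line):
        return ("no-referer",
                "the request carried no Referer (direct visit, external link or a "
                "no-referrer policy); /files/ must be reached from a page served "
                "by this server")
    m = NON_LOCAL_HOST.search(line)
    if m:
        return ("non-local-host",
                "Host is now the public name {}: set "
                "NotebookApp.allow_remote_access=True so the server accepts it"
                .format(m.group("host")))
    if REDIRECT.search(line):
        return ("redirect",
                "a 302 is not the Referer check; the server redirected an "
                "unauthenticated request (usually to /login)")
    return None


def triage(log_text):
    """Classify every recognised line; returns a list of (kind, hint) in log order."""
    return [verdict for verdict in map(classify, log_text.splitlines()) if verdict]


if __name__ == "__main__":
    for kind, hint in triage(SAMPLE_LOG):
        print("{:<16} {}".format(kind, hint))
```

The two Apache lines classify as non-local-host (the allow_remote_access check, a separate check from the Referer one) and then host-rewritten, so the fix that keeps the protection is ProxyPreserveHost On together with allow_remote_access, not overriding Referer. Setting Referer to a fixed value at the proxy, as in the two replies above, satisfies the comparison for every request and so removes the cross-site inclusion check rather than configuring it.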
