Clearing the secure cookie makes sense when it is invalid or expired,
but clearing it when it's not sent with a request can unexpectedly log
the user out.
I ran into this with misconstructed URLs which didn't incorporate
base_url. That was itself a bug, but the result of suddenly being
unauthenticated makes it harder to track down.
Closes gh-3365 (hopefully)
Possibly also relevant to gh-2396
I'm not sure why this seems to affect Firefox more than Chrome.
This changes the base-path to be / instead of /api so that in the future
other APIs that return files and do not redirect you to a new address
(e.g., see #2413).
This also improves the way that the api spec handler responds to a
request, by actually displaying the spec with the appropriate
content-type header (text/x-yaml) instead of triggering a download with
the StaticFileHandler's default application/octet-stream mimetype.
* Initial selenium test
* Try configuring Travis to run selenium tests on Sauce
* Encryption key needs to be for my account, not jupyter
* Install selenium on Travis
* Get more data from server info file
* Set cwd when launching notebook server
Will this help on Travis?
* Use JUPYTER_TEST_BROWSER=chrome to test with Chrome
* Debugging test
* Separate fixtures into conftest.py
* Try with --Cls.a=b option syntax
* Try using sauce labs directly, not through Travis proxy
* Back to using proxy, with http instead of https
Idea from https://stackoverflow.com/questions/48236104/ssl-errors-using-
sauce-labs-in-travis-ci-with-selenium-webriver-tests-django-pr
* Specify browserName in desired_capabilities for Sauce
* Try connecting to Sauce for only some jobs in matrix
* Exclude selenium tests from regular test run
* Remove redundant JS test for dashboard navigation (converted to Selenium)
* Re-enable other tests
* Exclude selenium tests on Appveyor
* Later browser versions are available on Windows
* Try running tests with Firefox 57 instead of 58
* Try running with local Firefox on Travis
* Install geckodriver for Selenium tests
* Untar the right version of geckodriver
* Try stepping back one version of Firefox again
* added overwrite prevention to saving
* rearranging order of require variables and edit to rename
* added documentation, and fixed reload button
* followed suggestion by tom, started tests
* Revert "followed suggestion by tom, started tests"
This reverts commit 4d45ec7c1b6da51d3e1d4140b174b6f237ea2133.
* added back in reverted changes to editor.js
* Fix broken reference to 'this'
* Added a flag to allow access of hidden files
The flag '--allow-hidden' will allow Tornado to access hidden files
such as '.images/my_img.jpg'
* Fixed jupyterlab not following allow-hidden
Jupyterlab stores its options in a different location than the
standard notebook. Added the ability to check there as well.
* Updated implementation for any app
Previously I was accessing the settings dict based on the name of
the app that was being used. ex 'NotebookApp', or 'LabApp'.
Now the setting is passed directly into the Tornado settings, and
can be accessed via a more general method.
* Added/fixed unit tests for test_hidden_files
Fixed broken unit tests by setting the default to allow_hidden=False
then added unit test in FilesTest:test_hidden_files that checks for
the accessibility of files with allow_hidden=True
* allow-hidden now works everywhere
Previously allow-hidden flag only allowed hidden files to be accessed via
tornado. Now you can use the allow-hidden flag to access hidden directories and
files via the filebrowser.
* Remove --allow-hidden alias
* Move allow_hidden option onto ContentsManager
* Use try/finally to ensure allow_hidden option is set back to False after test
* Allow access to hidden files, but don't list them for now
* Simplify hidden check for listing again
* Fix indentation
* Use DOM history API for navigating directories
* Fix test
* Fix building URLs and states for breadcrumbs
* Use base_url when constructing navigation URLs
* tornado 5: PeriodicCallback loop arg will be removed
PCs are always run with the current eventloop,
which is what the explicitly passed loop always is for us already
* Don't double-close socket & stream
closing stream closes the socket
* remove now-inaccurate comment
Currently changing the password does not revoke current session:
- jupyter notebook password <password1>
- jupyter notebook
- Logging in
- Kill server
- jupyter notebook password <other password>
- jupyter notebook
- Oh ! I'm still logged in.
With this, as the "effective" secret depends on the (hashed) password,
changing it void any existing session (which I believe is the goal of
most password change)
When token is enabled, the login page will present a form to the user
asking them if they want to set a password at the same time. This is
almost equivalent to running `jupyter notebook password` on the command
line.
The experience can likely be better, but just submitting that as a POC
for feedback
* Invert inverse ANSI colors
The "inverse" escape sequence was implemented in #2186, but not by
actually inverting foreground and background.
* ANSI colors: allow switching off underline and inverse
* Add CSS classes ansi-default-inverse-fg and ...-bg
* Load translations for Javascript in page template
* Normalise language codes to gettext format with underscores
* .mo files need to be under LC_MESSAGES as well
* remove unused JS code
* Normalise result in test
* Fix for opening files on Py 2
* Fix location of I18N directory
* Add translation files to package_data
Ashley Teoh
Min RK
Thomas Kluyver
Dave Hirschfeld
bxy007
Thomas Kluyver
M Pacer
Evan Van Dam
Mac Knight
Ethan
Alex Rothberg
Gabriel Ruiz
Simon Biggs
Michael Droettboom
ehengao
Damian Avila
Peter Parente
Grant Nestor
Alex Soderman
Matthias Bussonnier
yuvipanda
Nitesh Sawant
Lilian Besson
Arthur Reading
Daniel Farrell
Tim Head
Sukneet
Shiti Saxena
Steven Silvester
maartenbreddels
Kirit Thadaka
bacboc
PHaeJin
Francesco Franchina
Kyle Kelley
Josh Barnes
PHaeJin
edida
Matthias Geier