* Added a flag to allow access of hidden files
The flag '--allow-hidden' will allow Tornado to access hidden files
such as '.images/my_img.jpg'
* Fixed jupyterlab not following allow-hidden
Jupyterlab stores its options in a different location than the
standard notebook. Added the ability to check there as well.
* Updated implementation for any app
Previously I was accessing the settings dict based on the name of
the app that was being used. ex 'NotebookApp', or 'LabApp'.
Now the setting is passed directly into the Tornado settings, and
can be accessed via a more general method.
* Added/fixed unit tests for test_hidden_files
Fixed broken unit tests by setting the default to allow_hidden=False
then added unit test in FilesTest:test_hidden_files that checks for
the accessibility of files with allow_hidden=True
* allow-hidden now works everywhere
Previously allow-hidden flag only allowed hidden files to be accessed via
tornado. Now you can use the allow-hidden flag to access hidden directories and
files via the filebrowser.
* Remove --allow-hidden alias
* Move allow_hidden option onto ContentsManager
* Use try/finally to ensure allow_hidden option is set back to False after test
* Allow access to hidden files, but don't list them for now
* Simplify hidden check for listing again
* Fix indentation
* Use DOM history API for navigating directories
* Fix test
* Fix building URLs and states for breadcrumbs
* Use base_url when constructing navigation URLs
* tornado 5: PeriodicCallback loop arg will be removed
PCs are always run with the current eventloop,
which is what the explicitly passed loop always is for us already
* Don't double-close socket & stream
closing stream closes the socket
* remove now-inaccurate comment
Currently changing the password does not revoke current session:
- jupyter notebook password <password1>
- jupyter notebook
- Logging in
- Kill server
- jupyter notebook password <other password>
- jupyter notebook
- Oh ! I'm still logged in.
With this, as the "effective" secret depends on the (hashed) password,
changing it void any existing session (which I believe is the goal of
most password change)
When token is enabled, the login page will present a form to the user
asking them if they want to set a password at the same time. This is
almost equivalent to running `jupyter notebook password` on the command
line.
The experience can likely be better, but just submitting that as a POC
for feedback
* Invert inverse ANSI colors
The "inverse" escape sequence was implemented in #2186, but not by
actually inverting foreground and background.
* ANSI colors: allow switching off underline and inverse
* Add CSS classes ansi-default-inverse-fg and ...-bg
* Load translations for Javascript in page template
* Normalise language codes to gettext format with underscores
* .mo files need to be under LC_MESSAGES as well
* remove unused JS code
* Normalise result in test
* Fix for opening files on Py 2
* Fix location of I18N directory
* Add translation files to package_data
Signals don't work on Windows. This tries the HTTP shutdown request first.
On Unix, it will try SIGTERM after 5 seconds, and SIGKILL after another 5, if the
server didn't already exit.
Closes gh-2937
* get the directory for external resources to pass in as path to nbconvert
* build up resources dict elements separately, combine before passing to from_notebook_node
* Use filename (not title) for the name used as the title in html export
This README.md is the only documentation for i18n setup, let's enhance
it.
Modifications include:
- make the writing style less personal
- fix markdown (syntax, headings…)
- clearly separate the usage guide from the known bugs and future perspectives
(as this guide is now in master branch, it is no longer relevant to say that
it is an experimental thing)
- rewordings
avoids clobbering cookies when multiple notebook servers are run on one host.
Users can override `cookie_options.path = ‘/‘` if they *want* cookies to be shared across notebooks on one host.
During the deprecation/removal of the `@json_errors` decorator, the
`reason` field was not carried forward into the compatible replacement
method `APIHandler.write_error`. This broke some client (tests) that
relied on that field's presence.
Fixes#2957.
we already apply this logic in our server-side checks,
but browsers check `Access-Control-Allow-Origin` headers themselves as well,
meaning that token-authenticated requests can’t be made cross-origin without CORS headers from browsers,
only scripts.
This makes default browser and server-side origin checks consistent
get_current_user is called in a few places that really shouldn’t raise
move the raising to `get_login_url`, which is called in `@web.authenticated`,
where we want to replace redirect logic with 403.
* provide some top level comments
* implement buffering of messages on last dropped connection
- buffer is per-kernel
- session_key is stored because only a single session can resume the buffer and we can't be sure
- on any new connection to a kernel, buffer is flushed.
If session_key matches, it is replayed.
Otherwise, it is discarded.
- buffer is an unbounded list for now
* restore actual zmq channels when resuming connection
rather than establishing new connections
fixes failure to resume shell channel
* hookup restart callbacks in open
instead of in `create_stream`, which is not called on reconnect
* improve handling of restored connections in js
- dismiss 'connection lost' dialog on reconnect
- set busy status on reconnect (if not busy, idle will come soon after via kernel_ready)
* ...
* ...
* ...
* add translated files in Chinese.
* Remove compiled message files
* Consolidate translations into one set of files
* Rename .pot files to .po
* Add zh-CN to list of supported languages
* Ignore compiled .mo files
* Revert a couple of unimportant changes
When starting a kernel using the Jupyter Notebook Kernel API, web
browsers will automatically check for the presence of `x-xsrftoken` in
the Access-Control-Allow-Headers during the preflight CORS check
([ref][ref]).
[ref]: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Headers
Since we didn't allow this header before, web browsers would fail the
preflight check even when the x-xsrftoken header isn't being used by the
notebook server.
This meant that running a webpage on localhost:8080 that used Javascript
to start a kernel on a notebook server running on localhost:8888 would
fail.
How I tested this commit:
1. Start a notebook server using
jupyter notebook --no-browser --NotebookApp.allow_origin="*" --NotebookApp.disable_check_xsrf=True --NotebookApp.token=''
2. Build the [web3](https://github.com/jupyter-widgets/ipywidgets/tree/master/examples/web3) example from ipywidgets.
3. In that directory, run `npm run host`.
4. Verify that visiting http://localhost:8080/ starts a kernel in the notebook server.
Damian Avila
Thomas Kluyver
Peter Parente
Grant Nestor
Thomas Kluyver
Alex Soderman
Matthias Bussonnier
yuvipanda
Min RK
Nitesh Sawant
Lilian Besson
Arthur Reading
Alex Rothberg
Daniel Farrell
Tim Head
Sukneet
Shiti Saxena
Steven Silvester
bxy007
maartenbreddels
Kirit Thadaka
bacboc
PHaeJin
Francesco Franchina
Kyle Kelley
Josh Barnes
PHaeJin
edida
Matthias Geier
Kevin Bates
Jessica B. Hamrick
M Pacer
M Pacer
Jocelyn Delalande
Jason Grout
Michael Heilman
jianzi123
Sam Lau
madhu
Douglas Hanley
Doug Hanley
Vidar Tonaas Fauske
cebolan
Miro Hrončok