From b82c6fdff851e618c3d0cd982cca5e34ee9be7af Mon Sep 17 00:00:00 2001 From: Brian Cherinka Date: Mon, 1 Nov 2021 16:07:13 -0400 Subject: [PATCH 1/2] bug fixing allow_origin_pat property --- jupyter_server/base/handlers.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/jupyter_server/base/handlers.py b/jupyter_server/base/handlers.py index 60d0e5fead..81bf7b36bd 100644 --- a/jupyter_server/base/handlers.py +++ b/jupyter_server/base/handlers.py @@ -295,7 +295,8 @@ def allow_origin(self): @property def allow_origin_pat(self): """Regular expression version of allow_origin""" - return self.settings.get("allow_origin_pat", None) + pat_str = self.settings.get("allow_origin_pat", None) + return re.compile(pat_str) if pat_str else None @property def allow_credentials(self): From 516f92d1dc0af39f47b265fe43b317043dd014ca Mon Sep 17 00:00:00 2001 From: Brian Cherinka Date: Tue, 2 Nov 2021 16:33:55 -0400 Subject: [PATCH 2/2] making requested changes --- jupyter_server/auth/login.py | 2 +- jupyter_server/base/handlers.py | 9 ++++----- jupyter_server/base/zmqhandlers.py | 3 ++- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/jupyter_server/auth/login.py b/jupyter_server/auth/login.py index 7df56918e0..19cdb47d75 100644 --- a/jupyter_server/auth/login.py +++ b/jupyter_server/auth/login.py @@ -53,7 +53,7 @@ def _redirect_safe(self, url, default=None): if self.allow_origin: allow = self.allow_origin == origin elif self.allow_origin_pat: - allow = bool(self.allow_origin_pat.match(origin)) + allow = bool(re.match(self.allow_origin_pat, origin)) if not allow: # not allowed, use default self.log.warning("Not allowing login redirect to %r" % url) diff --git a/jupyter_server/base/handlers.py b/jupyter_server/base/handlers.py index 81bf7b36bd..db5f2296cf 100644 --- a/jupyter_server/base/handlers.py +++ b/jupyter_server/base/handlers.py @@ -295,8 +295,7 @@ def allow_origin(self): @property def allow_origin_pat(self): """Regular expression version of allow_origin""" - pat_str = self.settings.get("allow_origin_pat", None) - return re.compile(pat_str) if pat_str else None + return self.settings.get("allow_origin_pat", None) @property def allow_credentials(self): @@ -310,7 +309,7 @@ def set_default_headers(self): self.set_header("Access-Control-Allow-Origin", self.allow_origin) elif self.allow_origin_pat: origin = self.get_origin() - if origin and self.allow_origin_pat.match(origin): + if origin and re.match(self.allow_origin_pat, origin): self.set_header("Access-Control-Allow-Origin", origin) elif self.token_authenticated and "Access-Control-Allow-Origin" not in self.settings.get( "headers", {} @@ -383,7 +382,7 @@ def check_origin(self, origin_to_satisfy_tornado=""): if self.allow_origin: allow = self.allow_origin == origin elif self.allow_origin_pat: - allow = bool(self.allow_origin_pat.match(origin)) + allow = bool(re.match(self.allow_origin_pat, origin)) else: # No CORS headers deny the request allow = False @@ -428,7 +427,7 @@ def check_referer(self): if self.allow_origin: allow = self.allow_origin == origin elif self.allow_origin_pat: - allow = bool(self.allow_origin_pat.match(origin)) + allow = bool(re.match(self.allow_origin_pat, origin)) else: # No CORS settings, deny the request allow = False diff --git a/jupyter_server/base/zmqhandlers.py b/jupyter_server/base/zmqhandlers.py index 6e03990dec..029a47bdba 100644 --- a/jupyter_server/base/zmqhandlers.py +++ b/jupyter_server/base/zmqhandlers.py @@ -3,6 +3,7 @@ # Copyright (c) Jupyter Development Team. # Distributed under the terms of the Modified BSD License. import json +import re import struct import sys from urllib.parse import urlparse @@ -139,7 +140,7 @@ def check_origin(self, origin=None): if self.allow_origin: allow = self.allow_origin == origin elif self.allow_origin_pat: - allow = bool(self.allow_origin_pat.match(origin)) + allow = bool(re.match(self.allow_origin_pat, origin)) else: # No CORS headers deny the request allow = False