Jupyter REST API '_xsrf' argument missing from POST

[c3zeshizheng]

I am trying write a tool to upload batch files to a remote jupyter server of which I don't have SSH access. After some digging I wrote up a function in Python which uses Requests package to send PUT request to the jupyter server.

However, no matter I use token or password for spinning up the jupyter server, it always give me an error code of 403 with '_xsrf' argument missing from POST.

Below is my function:

def jupyter_upload(token, filePath, resourceDstPath, jupyterUrl='http://localhost:8888'):
    """
        Uploads File to Jupyter Notebook Server
        ----------------------------------------
        :param token:
            The authorization token issued by Jupyter for authentification 
            (enabled by default as of version 4.3.0)
        :param filePath:
            The file path to the local content to be uploaded

        :param resourceDstPath:
            The path where resource should be placed.
            The destination directory must exist.

        :param jupyterUrl:
            The url to the jupyter server. Default value is typical localhost installation.

        :return: server response

    """
    # format destination paths
    dstPath = urllib.parse.quote(resourceDstPath)
    # combine the jupyter url with the destination path
    dstUrl = '%s/api/contents/%s' % (jupyterUrl, dstPath)
    # not sure what is this doing
    fileName = filePath[1 + filePath.rfind(os.sep):]
    # maybe need to change headers to password
    headers = {}
    headers['Authorization'] = 'token '+ token
    with open(filePath, 'rb') as myfile:
        data=myfile.read()
        b64data=base64.encodebytes(data)
        body = json.dumps({
            'content':b64data.decode("utf-8"),
            'name': fileName,
            'path': resourceDstPath,
            'format': 'base64',
            'type':'file'
        })
        return requests.put(dstUrl, data=body, headers=headers, verify=True)```