Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

notebook gives blank page when start #4467

Closed
andrewsunst opened this issue Mar 10, 2019 · 66 comments · Fixed by #4468

Comments

@andrewsunst
Copy link

commented Mar 10, 2019

It used to work fine until I changed python to lower version today(3.7 to 3.6). The jupyter notebook keeps giving me blank page when started. I changed the version back and it doesn't help. No error in the terminal. The error in the browser are as follows:
Refused to execute script from '<URL>' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled. VM26 tree:1 Refused to execute script from 'http://localhost:8888/static/components/es6-promise/promise.min.js?v=f004a16cb856e0ff11781d01ec5ca8fe' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled. VM26 tree:1 Refused to execute script from 'http://localhost:8888/static/components/preact/index.js?v=00a2fac73c670ce39ac53d26640eb542' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled. VM26 tree:1 Refused to execute script from 'http://localhost:8888/static/components/proptypes/index.js?v=c40890eb04df9811fcc4d47e53a29604' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled. VM26 tree:1 Refused to execute script from 'http://localhost:8888/static/components/preact-compat/index.js?v=aea8f6660e54b18ace8d84a9b9654c1c' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled. VM26 tree:1 Refused to execute script from 'http://localhost:8888/static/components/requirejs/require.js?v=951f856e81496aaeec2e71a1c2c0d51f' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled. VM26 tree:1 Refused to execute script from 'http://localhost:8888/static/tree/js/main.min.js?v=ab9f3a6cf8347df927864d58cfad7931' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled. VM26 tree:24 Uncaught ReferenceError: require is not defined at VM26 tree:24

I check some other posts which said to clean browser caches and cookies which doesn't help for my case. Any idea about how to fix this problem?

@joddiy

This comment has been minimized.

Copy link

commented Mar 10, 2019

Me too, with python3.7 at windows10.
And from the log, there's a 302 redirect record:
[I 01:04:46.632 NotebookApp] 302 GET /tree (::1) 1.00ms
I guess the localhost address is redirected to ::1.

@windyslove

This comment has been minimized.

Copy link

commented Mar 10, 2019

I have the same issue , python3.7 ,win10

@andrewsunst

This comment has been minimized.

Copy link
Author

commented Mar 10, 2019

Me too, with python3.7 at windows10.
And from the log, there's a 302 redirect record:
[I 01:04:46.632 NotebookApp] 302 GET /tree (::1) 1.00ms
I guess the localhost address is redirected to ::1.

We have exactly the same problem in here.

@ciaranlangton

This comment has been minimized.

Copy link
Contributor

commented Mar 10, 2019

Same issue here on Python 3.7.2, experienced on both Chrome (before and after clearing cache) and on Microsoft Edge. The issue appears to be that Jupyter's webserver is returning Content-Type: text/plain for main.min.js and all other JS files, which causes browsers to reject loading them under MIME checks.

Edit: It's most likely that this is an issue with the latest changelog item, which involves Content Type option changes:

5.7.6
-----

5.7.6 contains a security fix for a cross-site inclusion (XSSI) vulnerability,
where files at a known URL could be included in a page from an unauthorized website if the user is logged into a Jupyter server.
The fix involves setting the ``X-Content-Type-Options: nosniff``
header, and applying CSRF checks previously on all non-GET
API requests to GET requests to API endpoints and the /files/ endpoint.

The attacking page is able to access some contents of files when using Internet Explorer through script errors,
but this has not been demonstrated with other browsers.
A CVE has been requested for this vulnerability.

Edit 2: Opened a PR with a quick fix.

@andrewsunst

This comment has been minimized.

Copy link
Author

commented Mar 11, 2019

@ciaranlangton Hey, thanks for the update but here is the strange thing. I tried the latest version (5.7.6) on another pc and it works fine. I also tried to modify the notebookapp.py as your pr but it doesn't fix the problem. So I am thinking about there might be something else.

@ciaranlangton

This comment has been minimized.

Copy link
Contributor

commented Mar 11, 2019

@andrewsunst sorry to hear that it didn't fix it, is the other PC a Windows based machine? Plus, when you applied the patch, did you clear cache (either explicitly through browser options or CTRL+F5). It would also be helpful if you could see what the Content-Type header is on the working PC for the JavaScript files

@andrewsunst

This comment has been minimized.

Copy link
Author

commented Mar 11, 2019

Well actually, it works after I clean the cache! So for the one that works, I don't exactlly know what do you suggest to take a look at. Is that something from the browser? If so then it is as follows:
image

@ciaranlangton

This comment has been minimized.

Copy link
Contributor

commented Mar 11, 2019

@andrewsunst

This comment has been minimized.

Copy link
Author

commented Mar 11, 2019

So I followed your procedure and found the content-type in only one of the .js files which is http://localhost:8888/static/tree/js/main.min.js?. The content-type appears as
E.setRequestHeader("Content-Type",h.contentType)
and I checked the value of it which I think is as follows
return utils.promising_ajax(this.api_url(), { processData: false, type : "PATCH", data: JSON.stringify(newdata), dataType : "json", contentType: 'application/json', }
The other one is contentType:"application/x-www-form-urlencoded; charset=UTF-8". So is there anything we can get from these?

@Ornstein89

This comment has been minimized.

Copy link

commented Mar 11, 2019

Still same problem. Blank page in either Chrome, or Opera. Either file tree page, or notebooks pages.
Got message in the console after attempt F5 or Ctrl+F5
[I 11:27:26.543 NotebookApp] 302 GET /?token=3023f5b77855d20b9cba73dd0036e2a7a4df1c1c77fcae77 (::1) 1.00ms
and
image
in browser.
Win10 1809 17763.348, latest Chrome 72.0.3626.121, python 3.7.1. By the way, downgrading jupyter and it's separate components, included ipython, with pip, make file tree page visible, but notebook page still blank.
P.S. ipython notebook shows the same behavior.

@simonsaysL

This comment has been minimized.

Copy link

commented Mar 11, 2019

I am having the same identical issue here. Both with python 3.6.8 and python 3.7.1. Browsers: Opera, Brave and Microsoft Edge

@xNi-cOx

This comment has been minimized.

Copy link

commented Mar 11, 2019

Same Problem here. Python 3.7.2 and Jupyter notebook 5.7.6. Tried Firefox, Chrome, Opera and Edge

@alvaroqueiroz

This comment has been minimized.

Copy link

commented Mar 11, 2019

I have the exact same problem, any solutions yet?

@manaimran

This comment has been minimized.

Copy link

commented Mar 11, 2019

I am struggling with the same problem

@MR6996

This comment has been minimized.

Copy link

commented Mar 11, 2019

I have same problem with Chrome and Edge. I have Python 3.6.4 and Jupyter 4.4.0.

@unipanic

This comment has been minimized.

Copy link

commented Mar 11, 2019

I'm having the same issue with both chrome and firefox. Tried clearing the cache, but it didn't resolve the issue for me. Python 3.7.2 and Jupyter 4.4.0, installed via pip.

@LukasMueller187

This comment has been minimized.

Copy link

commented Mar 11, 2019

Same problem for me.
Downgraded notebook to 5.7.4, now it is working.
So do
pip uninstall notebook
pip install notebook==5.7.5
edit: use 5.7.5 instead of 5.7.4, see below

@manaimran

This comment has been minimized.

Copy link

commented Mar 11, 2019

Same problem for me.
Downgraded notebook to 5.7.4, now it is working.
So do
pip uninstall notebook
pip install notebook==5.7.4

Thanks. Old version is working.

@AbdullahKaratas

This comment has been minimized.

Copy link

commented Mar 11, 2019

Same problem for me.
Downgraded notebook to 5.7.4, now it is working.
So do
pip uninstall notebook
pip install notebook==5.7.4

Thanks buddy.

@alvaroqueiroz

This comment has been minimized.

Copy link

commented Mar 11, 2019

It didnt work for me, tryed 5.7.4 and 5.7.3. It worked for everyone?

@manaimran

This comment has been minimized.

Copy link

commented Mar 11, 2019

It didnt work for me, tryed 5.7.4 and 5.7.3. It worked for everyone?

Just Clear the cache like CTRL+R or CTRL+Shift+R

@alvaroqueiroz

This comment has been minimized.

Copy link

commented Mar 11, 2019

It didnt work for me, tryed 5.7.4 and 5.7.3. It worked for everyone?

Just Clear the cache like CTRL+R or CTRL+Shift+R

Worked, I'm am using 5.7.5
Thank you!

@LukasMueller187

This comment has been minimized.

Copy link

commented Mar 11, 2019

Yep, when using 5.7.4 there are issues with tornado version 6 (kernel not connecting).
Use 5.7.5 (as alvaroqueiroz suggested), it works with tornado 6.
So instead do (after uninstalling notebook):
pip install notebook==5.7.5

@manaimran

This comment has been minimized.

Copy link

commented Mar 11, 2019

Yep, when using 5.7.4 there are issues with tornado version 6 (kernel not connecting).
Use 5.7.5 (as alvaroqueiroz suggested), it works with tornado 6.
So instead do (after uninstalling notebook):
pip install notebook==5.7.5

Thanks a lot !! Now kernel is running.

@ciaranlangton

This comment has been minimized.

Copy link
Contributor

commented Mar 11, 2019

@andrewsunst thanks for getting back with that, I think I was maybe a bit unclear about my instructions (I was working from a mental image of the debug console). Here's an image with the fields and options highlighted.
image

I think it's rather safe to say though that the issue is caused by the X-Content-Type-Options: nosniff added in the last version, given by @LukasLuMueller and other's rollback attempts, as well as the error message in the browser. I doubt doing the above operation is really worthwhile anymore.

Hopefully the PR can get merged so this issue can be fixed and people can also benefit from the security changes in the latest patch. I'd also appreciate it if anyone else is willing to test the patch that is experiencing this issue and provide feedback if it fixes the issue for them (after clearing browser cache)

@andrewsunst

This comment has been minimized.

Copy link
Author

commented Mar 11, 2019

@ciaranlangton So I checked the Content-type of the .js files in headers and they are application/javascript.

@jmwielandt

This comment has been minimized.

Copy link

commented Mar 12, 2019

Trying on edge, i get this on powershell (txt file) and this curious message
image
jupyter log.txt

i hope this could help to fix whatever that's happening

w10 pro - 1809 - microsoft edge
python 3.6.8

@ejmoya

This comment has been minimized.

Copy link

commented Mar 12, 2019

@Ornstein89
In w10 I have the same problem but it does not solve only with this. To solve it, I went to the directory "AppData\Local\Programs\Python\Python37\Lib\site-packages\notebook\templates" and edit the file "page.html" on line 18, changing the double quotes with single quotes.
Before:
<script src="{{static_url("components/es6-promise/promise.min.js")}}" type="text/javascript" charset="utf-8"></script>

After:
<script src="{{static_url('components/es6-promise/promise.min.js')}}" type="text/javascript" charset="utf-8"></script>

@devedse

This comment has been minimized.

Copy link

commented Mar 25, 2019

@Palladiumm , Why are we fixing bugs in Jupyter notebook with registry hacks?

@Palladiumm

This comment has been minimized.

Copy link

commented Mar 25, 2019

@Palladiumm , Why are we fixing bugs in Jupyter notebook with registry hacks?
IMHO,it is one of the ways to solve this problem rapidly without downgrading Jupyter Notebook to lower version

@ycv005

This comment has been minimized.

Copy link

commented Mar 25, 2019

pip uninstall notebook
pip install notebook==5.7.5

@devedse

This comment has been minimized.

Copy link

commented Mar 26, 2019

I think there's only 2 good solutions for this problem.

  1. Revert the changes. Imho a bug like this should be immediately reverted if it can't be fixed the same day
  2. Fix it in code

I think there could be made some improvements to release management in a product that's used as often as Jupyter Notebook. Things like this shouldn't be open for 2+ weeks.

@Pengcheng-Wang

This comment has been minimized.

Copy link

commented Mar 27, 2019

Same problem for me.
Downgraded notebook to 5.7.4, now it is working.
So do
pip uninstall notebook
pip install notebook==5.7.5
edit: use 5.7.5 instead of 5.7.4, see below

Got the same problem, and solved by this solution. Thanks!

@geonsme

This comment has been minimized.

Copy link

commented Mar 27, 2019

use notebook==5.7.5
below

@minrk minrk closed this in #4468 Mar 27, 2019

@minrk minrk added this to the 5.7.7 milestone Mar 27, 2019

@m2b

This comment has been minimized.

Copy link

commented Mar 27, 2019

Use notebook==5.7.5 and also clear the cache.

@minrk

This comment has been minimized.

Copy link
Member

commented Mar 28, 2019

The fix for this has been released as 5.7.7

pkgw added a commit to pkgw/pywwt that referenced this issue Mar 28, 2019
Fix pywwt on `notebook >=5.7.6`
Version 5.7.6 of the Jupyter notebook module adds a new security feature
related to the HTTP content types
(jupyter/notebook#4467 (comment)). It
breaks pywwt because pywwt has not been returning valid MIME types (AKA
content types) from its internal Jupyter server.

From looking at the main `notebook` implementation, it seems that the correct
approach is to use the `mimetypes` module to get the right value to put in the
Content-Type header, so let's go ahead and do that.
pkgw added a commit to pkgw/pywwt that referenced this issue Mar 28, 2019
Fix pywwt on `notebook >=5.7.6`
Version 5.7.6 of the Jupyter notebook module adds a new security feature
related to the HTTP content types
(jupyter/notebook#4467 (comment)). It
breaks pywwt because pywwt has not been returning valid MIME types (AKA
content types) from its internal Jupyter server.

From looking at the main `notebook` implementation, it seems that the correct
approach is to use the `mimetypes` module to get the right value to put in the
Content-Type header, so let's go ahead and do that.

Closes WorldWideTelescope#191.
@neilpanchal

This comment has been minimized.

Copy link

commented Mar 29, 2019

For those using Conda, run the following command and update to notebook version 5.7.7

conda install notebook

or
conda update notebook

@m05542322

This comment has been minimized.

Copy link

commented Mar 29, 2019

Changing the registry fixed it for me as well:

  1. In the windows menu, search for regedit, open it.
  2. Navigate to Computer > HKEY_CLASSES_ROOT > .js > ContentType
  3. Change value data to text/javascript
  4. Restart jupyter notebook.
  5. Go to browser (chrome) type chrome:restart, and it worked. Hard refresh might work to.

Great thanks for the instructions.
---------------short summary ------------
Win 8, python 3.6.8.

  1. Installed Jupyter Notebook 5.7.6 with the blank page as a result.
  2. uninstalled Jupyter Notebook 5.7.6, after that installed 5.7.5. Works properly.
  3. Uninstalled 5.7.5 after that installed 5.7.6
  4. Changed ContentType in registry
  5. Ctrl+F5 in Opera with opened page
  6. It works! Works!! nice)

It's works for me, thank you!!

@lucky8888

This comment has been minimized.

Copy link

commented Apr 5, 2019

Changing the registry fixed it for me as well:

  1. In the windows menu, search for regedit, open it.
  2. Navigate to Computer > HKEY_CLASSES_ROOT > .js > ContentType
  3. Change value data to text/javascript
  4. Restart jupyter notebook.
  5. Go to browser (chrome) type chrome:restart, and it worked. Hard refresh might work to.

THANKS A LOT

@BeshoyAnwar

This comment has been minimized.

Copy link

commented Apr 8, 2019

Changing the registry fixed it for me as well:

  1. In the windows menu, search for regedit, open it.
  2. Navigate to Computer > HKEY_CLASSES_ROOT > .js > ContentType
  3. Change value data to text/javascript
  4. Restart jupyter notebook.
  5. Go to browser (chrome) type chrome:restart, and it worked. Hard refresh might work to.

Great thanks for the instructions.
---------------short summary ------------
Win 8, python 3.6.8.

  1. Installed Jupyter Notebook 5.7.6 with the blank page as a result.
  2. uninstalled Jupyter Notebook 5.7.6, after that installed 5.7.5. Works properly.
  3. Uninstalled 5.7.5 after that installed 5.7.6
  4. Changed ContentType in registry
  5. Ctrl+F5 in Opera with opened page
  6. It works! Works!! nice)

worked

pkgw added a commit to pkgw/pywwt that referenced this issue Apr 9, 2019
Fix pywwt on `notebook >=5.7.6`
Version 5.7.6 of the Jupyter notebook module adds a new security feature
related to the HTTP content types
(jupyter/notebook#4467 (comment)). It
breaks pywwt because pywwt has not been returning valid MIME types (AKA
content types) from its internal Jupyter server.

From looking at the main `notebook` implementation, it seems that the correct
approach is to use the `mimetypes` module to get the right value to put in the
Content-Type header, so let's go ahead and do that.

Closes WorldWideTelescope#191.
@TareqMonwer

This comment has been minimized.

Copy link

commented Apr 20, 2019

Same problem for me.
Downgraded notebook to 5.7.4, now it is working.
So do
pip uninstall notebook
pip install notebook==5.7.5
edit: use 5.7.5 instead of 5.7.4, see below

Worked for me as well :)

@apiszcz

This comment has been minimized.

Copy link

commented Apr 20, 2019

Had similar issue with 5.7.6, updated to 5.7.7 issue resolved

@swayson

This comment has been minimized.

Copy link

commented Apr 23, 2019

This issues seems to occur in 5.7.8 as well.

image

@swayson

This comment has been minimized.

Copy link

commented Apr 23, 2019

Update: Okay, it seems to be working again in 5.7.8. Had to clear my cache.

@BPietschSNI

This comment has been minimized.

Copy link

commented Apr 23, 2019

None of these fixes worked for me, but changing my default port to something besides 8888 worked. I do a lot of work on AWS where I tunnel into that port to use Jupyter notebook, so that must have had something to do with it. Even with that connection closed though, my local notebook on 8888 didn't want to load and I was getting the same errors as above.

@feldoh

This comment has been minimized.

Copy link

commented Jun 6, 2019

For me it was clearing the cache

@Ianwww

This comment has been minimized.

Copy link

commented Sep 15, 2019

running notebook in aws, after login i get a 302. help????????

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
You can’t perform that action at this time.