Jupyter error message - 403: Forbidden

Hello,

I’m getting the following error message when trying to connect to the jupyter notebook:

403 : Forbidden

The error was:

'_xsrf' argument missing from POST

before.sh:

c.NotebookApp.ip = '*'
c.NotebookApp.port = ${port}
c.NotebookApp.port_retries = 0
c.NotebookApp.password = u'sha1:${SALT}:${PASSWORD_SHA1}'
c.NotebookApp.base_url = '/node/${host}/${port}/'
c.NotebookApp.open_browser = False
c.NotebookApp.allow_origin = '*'
c.NotebookApp.notebook_dir = '${HOME}'
c.NotebookApp.disable_check_xsrf = True
c.JupyterNotebookApp.default_url = 'tree${NOTEBOOK_ROOT}'
c.LabApp.default_url = 'tree${NOTEBOOK_ROOT}'

Thank you very much!

Is this on initial connect to jupyter notebook or is it on some subsequent action like saving a notebook?

If it’s on initial login, can you share your view.html.erb?

Thank you for responding. It’s on the initial connect.

$ cat view.html.erb
<form action="/node/<%= host %>/<%= port %>/login" method="post" target="_blank">
  <input type="hidden" name="password" value="<%= password %>">
  <button class="btn btn-primary" type="submit">
    <i class="fa fa-eye"></i> Connect to Jupyter
  </button>
</form>

Thank you!

view.html.erb looks OK. I wonder if it’s these configurations that are throwing you off?

Same error message without those two lines.

OK - is there anything in the output.log that would indicate why this is happening? Also what version are you on? Googling around it appears some versions don’t respond to c.NotebookApp.disable_check_xsrf which is a bug they fixed at some point.

# pip3 freeze |grep -i jupyter
jupyter-events==0.10.0
jupyter-lsp==2.2.5
jupyter_client==8.6.3
jupyter_core==5.7.2
jupyter_server==2.14.2
jupyter_server_terminals==0.5.3
jupyterlab==4.3.2
jupyterlab_pygments==0.3.0
jupyterlab_server==2.27.3

notebook==7.3.1
notebook_shim==0.2.4

output.log:

Discovered Jupyter Notebook server listening on port 23869!
TIMING - Wait ended at: Thu Dec 12 09:11:20 AM EST 2024
[I 2024-12-12 09:11:20.672 ServerApp] Skipped non-installed server(s): bash-language-server, dockerfile-language-server-nodejs, javascript-typescript-langserver, jedi-language-server, julia-language-server, pyright, python-language-server, python-lsp-server, r-languageserver, sql-language-server, texlab, typescript-language-server, unified-language-server, vscode-css-languageserver-bin, vscode-html-languageserver-bin, vscode-json-languageserver-bin, yaml-language-server
Generating connection YAML file...
[W 2024-12-12 09:11:33.809 ServerApp] 403 POST /node/node701.host.edu/23869/login (128.112.133.136): '_xsrf' argument missing from POST
[W 2024-12-12 09:11:33.832 ServerApp] 403 POST /node/node701.host.edu/23869/login (@128.112.133.136) 23.40ms referer=https://ondemand.host.edu/pun/sys/dashboard/batch_connect/sessions

Just for future reference - the issue was that the jupyter command did not have the --config flag so it was never responding to the c.NotebookApp.disable_check_xsrf config.

And thanks @brandonbiggs for the support!

Thank you, both!!!

Happy Holidays