How to avoid cross site scripting (XSS) errors

with the Jupyter local runtime for Colab

A quick tip on how to avoid cross site scripting (XSS) errors when using the Jupyter local runtime with Google Colab, by configuring the Jupyter notebook server to allow connections from the Colab origin and using the appropriate command line options.

data science

ds-tips

google-colab

colab

tool-tip

xss

So the trick is

to use --NotebookApp.allow_origin and --no-browser
and get the token from the command line when connecting to Google colab.

jupyter notebook --NotebookApp.allow_origin='https://colab.research.google.com' \
  --port=9090 --no-browser

Citation

BibTeX citation:

@online{bochman2020,
  author = {Bochman, Oren},
  title = {How to Avoid Cross Site Scripting {(XSS)} Errors},
  date = {2020-02-20},
  url = {https://orenbochman.github.io/posts/2020/02-20-avoid-cross-site-scriptin-errors-with-a-Jupyter-local-runtime/},
  langid = {en}
}

For attribution, please cite this work as:

Bochman, Oren. 2020. “How to Avoid Cross Site Scripting (XSS) Errors.” February 20. https://orenbochman.github.io/posts/2020/02-20-avoid-cross-site-scriptin-errors-with-a-Jupyter-local-runtime/.