[BUG] Bokeh doesn't support IPv6 websocket origins
huaracheguarache opened this issue · comments
Software versions
Python version : 3.12.2 | packaged by conda-forge | (main, Feb 16 2024, 20:50:58) [GCC 12.3.0]
IPython version : (not installed)
Tornado version : 6.4
Bokeh version : 3.4.0
BokehJS static path : /var/home/michael/micromamba/envs/test_bokeh/lib/python3.12/site-packages/bokeh/server/static
node.js version : (not installed)
npm version : (not installed)
jupyter_bokeh version : (not installed)
Operating system : Linux-6.8.1-300.fc40.x86_64-x86_64-with-glibc2.39
Browser name and version
Firefox 124.0.1
Jupyter notebook / Jupyter Lab version
No response
Expected behavior
Serving a Bokeh script with an IPv6 address in --allow-websocket-origin should allow you to connect over said IPv6 address.
Observed behavior
Adding attempting to do this with either [::1]:5006 or ::1:5006 results in an invalid host value error.
Example code
from bokeh.plotting import figure, show, curdoc
p = figure(width=400, height=400)
# add a line renderer
p.line([1, 2, 3, 4, 5], [6, 7, 2, 4, 5], line_width=2)
curdoc().add_root(p)Stack traceback or browser console output
Trying with [::1]:5006:
(test_bokeh) michael@localhost:~/src/koding/python/bokeh_ipv6_test$ bokeh serve --show main.py --allow-websocket-origin=[::1]:5006
/var/home/michael/micromamba/envs/test_bokeh/bin/bokeh:10: UserWarning:
It looks like you might be running the main.py of a directory app directly.
If this is the case, to enable the features of directory style apps, you must
call "bokeh serve" on the directory instead. For example:
bokeh serve my_app_dir/
If this is not the case, renaming main.py will suppress this warning.
sys.exit(main())
2024-04-06 14:36:26,836 Starting Bokeh server version 3.4.0 (running on Tornado 6.4)
ERROR: Invalid host value: [::1]:5006
And with ::1:5006:
(test_bokeh) michael@localhost:~/src/koding/python/bokeh_ipv6_test$ bokeh serve --show main.py --allow-websocket-origin=::1:5006
/var/home/michael/micromamba/envs/test_bokeh/bin/bokeh:10: UserWarning:
It looks like you might be running the main.py of a directory app directly.
If this is the case, to enable the features of directory style apps, you must
call "bokeh serve" on the directory instead. For example:
bokeh serve my_app_dir/
If this is not the case, renaming main.py will suppress this warning.
sys.exit(main())
2024-04-06 14:37:20,682 Starting Bokeh server version 3.4.0 (running on Tornado 6.4)
ERROR: Invalid host value: ::1:5006
Screenshots
No response
@huaracheguarache is this something you have any interest in working on in Bokeh? Speaking plainly, a new contributor with their own directly motivating use-case to solve would probably result in the fastest movement on this.
Sure, I could give it a try, but I can't promise anything given my coding skills ;)
In order to be able to separate IPv6 addresses and port values I think it's best to adopt the same address format that browsers use, where IPv6 addresses are enclosed inside square brackets (example address and port):
[2001:db8:85a3:8d3:1319:8a2e:370:7348]:5006
I can see that the address validation in util.py is fairly simple. Should I keep it that way with IPv6 as well, or should I include some regex to check whether the provided IPv6 address is a valid address? I can also try to extend this to the IPv4 code to make a more thorough validity check of those addresses as well.
@huaracheguarache We'd be happy to have any improvements to the IP checking in create_hosts_allowlist. For the sake of modularity, perhaps the regex checking could be moved out to check_ipv4 and check_ipv6 helper functions (or similar).
Note that permitting ipv6 addresses in create_hosts_allowlist may not be entirely sufficient. Bokeh is built on top of Tornado so I would actually suggest a quick search to see if there are any caveats or gotchas related to ipv6 and Tornado. But if just updating create_hosts_allowlist gets things working for your local testing, that's also an encouraging sign.