Page MenuHomePhabricator

Wikilabels is down
Closed, ResolvedPublic

Description

Can't perform any server-writing actions with wikilabels.

Event Timeline

Halfak created this task.May 29 2016, 3:51 PM
Restricted Application added subscribers: Luke081515, TerraCodes, Urbanecm, Aklapper. · View Herald TranscriptMay 29 2016, 3:51 PM

Problem 1: Looks like new javascript for wikilabels was deployed but it wasn't updated for https://meta.wikimedia.org/wiki/MediaWiki:Gadget-WikiLabels.js

That is now fixed.

Problem 2: labels.wmflabs.org returning 403 for all requests from wikilabels.

$.ajax("https://labels.wmflabs.org/auth/whoami/")
Object {readyState: 1}
load.php?debug=false&lang=en&modules=jquery%2Cmediawiki&only=scripts&skin=vector&version=f47W3i0j:140 GET https://labels.wmflabs.org/auth/whoami/ 403 (FORBIDDEN)

Looks like the gadget still works as expected. See http://labels.wmflabs.org/gadget/

The CORS regex doesn't match wikidata.org. This is unrelated as I have been testing on en.wikipedia.org

(3.4)[halfak@graphite: ~/projects/wikilabels-wikimedia-config/config]
$ python
Python 3.4.3 (default, Jul 28 2015, 18:20:59) 
[GCC 4.8.4] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> import re, yaml
>>> re.compile(yaml.load(open("00-main.yaml"))['wsgi']['cors_allowed']).match("https://en.wikipedia.org/wiki/Foo")
<_sre.SRE_Match object; span=(0, 24), match='https://en.wikipedia.org'>
>>> re.compile(yaml.load(open("00-main.yaml"))['wsgi']['cors_allowed']).match("https://wikidata.org/wiki/Q2")
>>>

Updated in https://github.com/wiki-ai/wikilabels-wikimedia-config/commit/3f7b958d958f5804192ee6b6ff43cce3ac749363

$ python
Python 3.4.3 (default, Jul 28 2015, 18:20:59) 
[GCC 4.8.4] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> import re, yaml
>>> re.compile(yaml.load(open("00-main.yaml"))['wsgi']['cors_allowed']).match("https://en.wikipedia.org/wiki/Foo")
<_sre.SRE_Match object; span=(0, 24), match='https://en.wikipedia.org'>
>>> re.compile(yaml.load(open("00-main.yaml"))['wsgi']['cors_allowed']).match("https://wikidata.org/wiki/Q2")
<_sre.SRE_Match object; span=(0, 20), match='https://wikidata.org'>
>>> re.compile(yaml.load(open("00-main.yaml"))['wsgi']['cors_allowed']).match("https://meta.wikimedia.org/wiki/Bar")
<_sre.SRE_Match object; span=(0, 26), match='https://meta.wikimedia.org'>

Pushing to staging to run tests

Looks like I was wrong. Only the auth/whoami is returning 403 (which is what it is supposed to do when a user isn't auth'd).

$.ajax("https://labels-staging.wmflabs.org/campaigns/").complete(function(d){console.log(d)})
Object {readyState: 1}
VM1106:1 Object {readyState: 4, responseText: "{↵  "info": "Welcome to the campaigns module.  Thi… "urwiki",↵    "viwiki",↵    "wikidatawiki"↵  ]↵}", responseJSON: Object, status: 200, statusText: "OK"}

So, I'm going through the auth process as intended, but I guess the system is continuing to tell me I haven't. Checking on that now.

Eeek! Looks like we are getting a periodic database connection error too.

May 29 16:06:34 wikilabels-01 uwsgi-wikilabels-web[8825]: 2016-05-29 16:06:34,639 ERROR:wikilabels -- Exception on /users/6877667/4/ [GET]
May 29 16:06:34 wikilabels-01 uwsgi-wikilabels-web[8825]: Traceback (most recent call last):
May 29 16:06:34 wikilabels-01 uwsgi-wikilabels-web[8825]: File "/srv/wikilabels/venv/lib/python3.4/site-packages/flask/app.py", line 1817, in wsgi_app
May 29 16:06:34 wikilabels-01 uwsgi-wikilabels-web[8825]: response = self.full_dispatch_request()
May 29 16:06:34 wikilabels-01 uwsgi-wikilabels-web[8825]: File "/srv/wikilabels/venv/lib/python3.4/site-packages/flask/app.py", line 1477, in full_dispatch_request
May 29 16:06:34 wikilabels-01 uwsgi-wikilabels-web[8825]: rv = self.handle_user_exception(e)
May 29 16:06:34 wikilabels-01 uwsgi-wikilabels-web[8825]: File "/srv/wikilabels/venv/lib/python3.4/site-packages/flask/app.py", line 1381, in handle_user_exception
May 29 16:06:34 wikilabels-01 uwsgi-wikilabels-web[8825]: reraise(exc_type, exc_value, tb)
May 29 16:06:34 wikilabels-01 uwsgi-wikilabels-web[8825]: File "/srv/wikilabels/venv/lib/python3.4/site-packages/flask/_compat.py", line 33, in reraise
May 29 16:06:34 wikilabels-01 uwsgi-wikilabels-web[8825]: raise value
May 29 16:06:34 wikilabels-01 uwsgi-wikilabels-web[8825]: File "/srv/wikilabels/venv/lib/python3.4/site-packages/flask/app.py", line 1475, in full_dispatch_request
May 29 16:06:34 wikilabels-01 uwsgi-wikilabels-web[8825]: rv = self.dispatch_request()
May 29 16:06:34 wikilabels-01 uwsgi-wikilabels-web[8825]: File "/srv/wikilabels/venv/lib/python3.4/site-packages/flask/app.py", line 1461, in dispatch_request
May 29 16:06:34 wikilabels-01 uwsgi-wikilabels-web[8825]: return self.view_functions[rule.endpoint](**req.view_args)
May 29 16:06:34 wikilabels-01 uwsgi-wikilabels-web[8825]: File "./wikilabels/wsgi/routes/users.py", line 56, in get_user_campaign
May 29 16:06:34 wikilabels-01 uwsgi-wikilabels-web[8825]: stats=stats)
May 29 16:06:34 wikilabels-01 uwsgi-wikilabels-web[8825]: File "./wikilabels/database/worksets.py", line 99, in for_user
May 29 16:06:34 wikilabels-01 uwsgi-wikilabels-web[8825]: row['stats'] = self.stats_for(row['id'])
May 29 16:06:34 wikilabels-01 uwsgi-wikilabels-web[8825]: File "./wikilabels/database/worksets.py", line 48, in stats_for
May 29 16:06:34 wikilabels-01 uwsgi-wikilabels-web[8825]: return next(cursor)
May 29 16:06:34 wikilabels-01 uwsgi-wikilabels-web[8825]: psycopg2.ProgrammingError: no results to fetch[pid: 8830|app: 0|req: 3158/23603] 10.68.21.68 ()

I'll put this in another task.

I've learned that I can do the full OAuth handshake from https://labels.wmflabs.org/gadget/ and https://labels-staging.wmflabs.org/gadget/.

So it's something related to the Wikipedia origin of the requests.

The following works just fine.

$.ajax("https://labels-staging.wmflabs.org/auth/")
Object {readyState: 1}

Accessing https://labels-staging.wmflabs.org/auth/whoami/ directly returns :

{
"user": {
"id": 6877667
}
}

Accessing the same address via $.ajax() on the wiki page results in:

$.ajax("https://labels-staging.wmflabs.org/auth/whoami/")
Object {readyState: 1}
load.php?debug=false&lang=en&modules=jquery%2Cmediawiki&only=scripts&skin=vector&version=f47W3i0j:140 GET https://labels-staging.wmflabs.org/auth/whoami/ 403 (FORBIDDEN)

So, something weird is happening with interpreting the origin... I guess.

Aha! Not sending cookies through a CORS request! http://stackoverflow.com/questions/14462423/cross-domain-post-request-is-not-sending-cookie-ajax-jquery

need to add:

xhrFields: {
     withCredentials: true
},
crossDomain: true,

Then we get this:

$.ajax("https://labels-staging.wmflabs.org/auth/", {xhrFields: {
           withCredentials: true
      },
      crossDomain: true})
Object {readyState: 1}
Wikipedia:Labels:1 XMLHttpRequest cannot load https://labels-staging.wmflabs.org/auth/. Credentials flag is 'true', but the 'Access-Control-Allow-Credentials' header is ''. It must be 'true' to allow credentials. Origin 'https://en.wikipedia.org' is therefore not allowed access.

Updated wikilabels to provide a credentials flag here: https://github.com/wiki-ai/wikilabels/commit/08aadf590d79ba1d2b9455d24ddfe64355a1ae0b

Deployed and checked on staging with:

$.ajax("https://labels-staging.wmflabs.org/auth/whoami/", {xhrFields: {withCredentials: true}, crossDomain: true}).complete(function(data){console.log(data)})
Object {readyState: 1}
VM500:1 Object {readyState: 4, responseText: "{↵  "user": {↵    "id": 6877667↵  }↵}", responseJSON: Object, status: 200, statusText: "OK"}

OK. So it looks like the remaining issue has to do with assigning tasks.

We get:

index.php?title=MediaWiki:Gadget-WikiLabels.js&action=raw&ctype=text/javascript&_=1464540154662:2102 Uncaught TypeError: Cannot read property 'tasks' of undefined

This is because "tasks=" is expected in the query string, but it is being sent via post vars. So we need to get the value from post vars. I fixed this in https://github.com/wiki-ai/wikilabels/commit/ad49da4f39834bc60d704695642ff0cf66efcea7

I also tested on labels-staging by requesting a new workset and seeing it work.

Halfak claimed this task.May 29 2016, 5:32 PM
Halfak moved this task from Backlog to Done on the Machine Learning Platform (Current) board.

The CORS regex doesn't match wikidata.org. This is unrelated as I have been testing on en.wikipedia.org

(3.4)[halfak@graphite: ~/projects/wikilabels-wikimedia-config/config]
$ python
Python 3.4.3 (default, Jul 28 2015, 18:20:59) 
[GCC 4.8.4] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> import re, yaml
>>> re.compile(yaml.load(open("00-main.yaml"))['wsgi']['cors_allowed']).match("https://en.wikipedia.org/wiki/Foo")
<_sre.SRE_Match object; span=(0, 24), match='https://en.wikipedia.org'>
>>> re.compile(yaml.load(open("00-main.yaml"))['wsgi']['cors_allowed']).match("https://wikidata.org/wiki/Q2")
>>>

About this: wikidata doesn't send "https://wikidata.org" as origin. It returns "https://www.wikidata.org" which matches ;)

Ladsgroup closed this task as Resolved.Jun 1 2016, 9:31 AM