Can't perform any server-writing actions with wikilabels.
Description
Related Objects
- Mentioned In
- T136521: Periodic database connection error in Wiki labels
- Mentioned Here
- T136521: Periodic database connection error in Wiki labels
Event Timeline
Problem 1: Looks like new javascript for wikilabels was deployed but it wasn't updated for https://meta.wikimedia.org/wiki/MediaWiki:Gadget-WikiLabels.js
That is now fixed.
Problem 2: labels.wmflabs.org returning 403 for all requests from wikilabels.
$.ajax("https://labels.wmflabs.org/auth/whoami/") Object {readyState: 1} load.php?debug=false&lang=en&modules=jquery%2Cmediawiki&only=scripts&skin=vector&version=f47W3i0j:140 GET https://labels.wmflabs.org/auth/whoami/ 403 (FORBIDDEN)
The CORS regex doesn't match wikidata.org. This is unrelated as I have been testing on en.wikipedia.org
(3.4)[halfak@graphite: ~/projects/wikilabels-wikimedia-config/config] $ python Python 3.4.3 (default, Jul 28 2015, 18:20:59) [GCC 4.8.4] on linux Type "help", "copyright", "credits" or "license" for more information. >>> import re, yaml >>> re.compile(yaml.load(open("00-main.yaml"))['wsgi']['cors_allowed']).match("https://en.wikipedia.org/wiki/Foo") <_sre.SRE_Match object; span=(0, 24), match='https://en.wikipedia.org'> >>> re.compile(yaml.load(open("00-main.yaml"))['wsgi']['cors_allowed']).match("https://wikidata.org/wiki/Q2") >>>
$ python Python 3.4.3 (default, Jul 28 2015, 18:20:59) [GCC 4.8.4] on linux Type "help", "copyright", "credits" or "license" for more information. >>> import re, yaml >>> re.compile(yaml.load(open("00-main.yaml"))['wsgi']['cors_allowed']).match("https://en.wikipedia.org/wiki/Foo") <_sre.SRE_Match object; span=(0, 24), match='https://en.wikipedia.org'> >>> re.compile(yaml.load(open("00-main.yaml"))['wsgi']['cors_allowed']).match("https://wikidata.org/wiki/Q2") <_sre.SRE_Match object; span=(0, 20), match='https://wikidata.org'> >>> re.compile(yaml.load(open("00-main.yaml"))['wsgi']['cors_allowed']).match("https://meta.wikimedia.org/wiki/Bar") <_sre.SRE_Match object; span=(0, 26), match='https://meta.wikimedia.org'>
Looks like I was wrong. Only the auth/whoami is returning 403 (which is what it is supposed to do when a user isn't auth'd).
$.ajax("https://labels-staging.wmflabs.org/campaigns/").complete(function(d){console.log(d)}) Object {readyState: 1} VM1106:1 Object {readyState: 4, responseText: "{↵ "info": "Welcome to the campaigns module. Thi… "urwiki",↵ "viwiki",↵ "wikidatawiki"↵ ]↵}", responseJSON: Object, status: 200, statusText: "OK"}
So, I'm going through the auth process as intended, but I guess the system is continuing to tell me I haven't. Checking on that now.
Eeek! Looks like we are getting a periodic database connection error too.
May 29 16:06:34 wikilabels-01 uwsgi-wikilabels-web[8825]: 2016-05-29 16:06:34,639 ERROR:wikilabels -- Exception on /users/6877667/4/ [GET] May 29 16:06:34 wikilabels-01 uwsgi-wikilabels-web[8825]: Traceback (most recent call last): May 29 16:06:34 wikilabels-01 uwsgi-wikilabels-web[8825]: File "/srv/wikilabels/venv/lib/python3.4/site-packages/flask/app.py", line 1817, in wsgi_app May 29 16:06:34 wikilabels-01 uwsgi-wikilabels-web[8825]: response = self.full_dispatch_request() May 29 16:06:34 wikilabels-01 uwsgi-wikilabels-web[8825]: File "/srv/wikilabels/venv/lib/python3.4/site-packages/flask/app.py", line 1477, in full_dispatch_request May 29 16:06:34 wikilabels-01 uwsgi-wikilabels-web[8825]: rv = self.handle_user_exception(e) May 29 16:06:34 wikilabels-01 uwsgi-wikilabels-web[8825]: File "/srv/wikilabels/venv/lib/python3.4/site-packages/flask/app.py", line 1381, in handle_user_exception May 29 16:06:34 wikilabels-01 uwsgi-wikilabels-web[8825]: reraise(exc_type, exc_value, tb) May 29 16:06:34 wikilabels-01 uwsgi-wikilabels-web[8825]: File "/srv/wikilabels/venv/lib/python3.4/site-packages/flask/_compat.py", line 33, in reraise May 29 16:06:34 wikilabels-01 uwsgi-wikilabels-web[8825]: raise value May 29 16:06:34 wikilabels-01 uwsgi-wikilabels-web[8825]: File "/srv/wikilabels/venv/lib/python3.4/site-packages/flask/app.py", line 1475, in full_dispatch_request May 29 16:06:34 wikilabels-01 uwsgi-wikilabels-web[8825]: rv = self.dispatch_request() May 29 16:06:34 wikilabels-01 uwsgi-wikilabels-web[8825]: File "/srv/wikilabels/venv/lib/python3.4/site-packages/flask/app.py", line 1461, in dispatch_request May 29 16:06:34 wikilabels-01 uwsgi-wikilabels-web[8825]: return self.view_functions[rule.endpoint](**req.view_args) May 29 16:06:34 wikilabels-01 uwsgi-wikilabels-web[8825]: File "./wikilabels/wsgi/routes/users.py", line 56, in get_user_campaign May 29 16:06:34 wikilabels-01 uwsgi-wikilabels-web[8825]: stats=stats) May 29 16:06:34 wikilabels-01 uwsgi-wikilabels-web[8825]: File "./wikilabels/database/worksets.py", line 99, in for_user May 29 16:06:34 wikilabels-01 uwsgi-wikilabels-web[8825]: row['stats'] = self.stats_for(row['id']) May 29 16:06:34 wikilabels-01 uwsgi-wikilabels-web[8825]: File "./wikilabels/database/worksets.py", line 48, in stats_for May 29 16:06:34 wikilabels-01 uwsgi-wikilabels-web[8825]: return next(cursor) May 29 16:06:34 wikilabels-01 uwsgi-wikilabels-web[8825]: psycopg2.ProgrammingError: no results to fetch[pid: 8830|app: 0|req: 3158/23603] 10.68.21.68 ()
I'll put this in another task.
I've learned that I can do the full OAuth handshake from https://labels.wmflabs.org/gadget/ and https://labels-staging.wmflabs.org/gadget/.
So it's something related to the Wikipedia origin of the requests.
The following works just fine.
$.ajax("https://labels-staging.wmflabs.org/auth/") Object {readyState: 1}
Accessing https://labels-staging.wmflabs.org/auth/whoami/ directly returns :
{ "user": { "id": 6877667 } }
Accessing the same address via $.ajax() on the wiki page results in:
$.ajax("https://labels-staging.wmflabs.org/auth/whoami/") Object {readyState: 1} load.php?debug=false&lang=en&modules=jquery%2Cmediawiki&only=scripts&skin=vector&version=f47W3i0j:140 GET https://labels-staging.wmflabs.org/auth/whoami/ 403 (FORBIDDEN)
So, something weird is happening with interpreting the origin... I guess.
Aha! Not sending cookies through a CORS request! http://stackoverflow.com/questions/14462423/cross-domain-post-request-is-not-sending-cookie-ajax-jquery
need to add:
xhrFields: { withCredentials: true }, crossDomain: true,
Then we get this:
$.ajax("https://labels-staging.wmflabs.org/auth/", {xhrFields: { withCredentials: true }, crossDomain: true}) Object {readyState: 1} Wikipedia:Labels:1 XMLHttpRequest cannot load https://labels-staging.wmflabs.org/auth/. Credentials flag is 'true', but the 'Access-Control-Allow-Credentials' header is ''. It must be 'true' to allow credentials. Origin 'https://en.wikipedia.org' is therefore not allowed access.
Updated wikilabels to provide a credentials flag here: https://github.com/wiki-ai/wikilabels/commit/08aadf590d79ba1d2b9455d24ddfe64355a1ae0b
Deployed and checked on staging with:
$.ajax("https://labels-staging.wmflabs.org/auth/whoami/", {xhrFields: {withCredentials: true}, crossDomain: true}).complete(function(data){console.log(data)}) Object {readyState: 1} VM500:1 Object {readyState: 4, responseText: "{↵ "user": {↵ "id": 6877667↵ }↵}", responseJSON: Object, status: 200, statusText: "OK"}
OK. So it looks like the remaining issue has to do with assigning tasks.
We get:
index.php?title=MediaWiki:Gadget-WikiLabels.js&action=raw&ctype=text/javascript&_=1464540154662:2102 Uncaught TypeError: Cannot read property 'tasks' of undefined
This is because "tasks=" is expected in the query string, but it is being sent via post vars. So we need to get the value from post vars. I fixed this in https://github.com/wiki-ai/wikilabels/commit/ad49da4f39834bc60d704695642ff0cf66efcea7
I also tested on labels-staging by requesting a new workset and seeing it work.
About this: wikidata doesn't send "https://wikidata.org" as origin. It returns "https://www.wikidata.org" which matches ;)