Kaspersky
Solved

kaspersky 2021 anti-banner is causing issue with jupyterlab [Fixed in 2021MR2]

  • 14 August 2020
  • 9 replies
  • 294 views

kaspersky 2021 anti-banner is causing issue with jupyterlab, everything is fine if I turn off anti-banner or using Kaspersky 2020. Jupyterlab seems to be not able to connect with python kernel (something with _xsrf as you can see in the screenshot, I guess kaspersky anti-banner modified the traffic/cookie somehow), it will be a potentially big issue as Jupyterlab is widely adapted in scientific community to run python.

My system:

Win10 x64 2004

KIS 2021 MR1 patch a

Python 3.8.5

jupyterlab 2.1.5

 

Way to reproduce in a clean VM:

  1. Install KIS2021 and enable anti-banner
  2. Download https://repo.anaconda.com/miniconda/Miniconda3-latest-Windows-x86_64.exe and install Miniconda (tick the option to add conda to PATH)
  3. Open command line and type “conda install jupyterlab”
  4. and then type “jupyter lab” to open jupyter notebook
  5. create a new notebook and connect to python3 kernel, the HTTP403 _xsrf error will occur unless you disable anti-banner before doing step 4 and 5

 

icon

Best answer by Wesly.Zhang 20 October 2020, 08:30

@Wesly.Zhang can you raise the concern of this issue to 2021 MR2 beta development to make sure it gets fixed in the next version?


Hello,

They have fixed this issue in 2021 MR2. So Let’s wait for this build release.

Regards.

View original

9 replies

Userlevel 7
Badge +9

Hello @henryskyleung,

Welcome back!

Have any exclusions been created?

  1. Open KIS, select More tools, select Reports, select Detailed reports, select Anti-Banner, 24hrs & or 7days (whichever period reflects when the issue occured), select Export, save as a .txt file; repeat the Report export for Web Anti-Virus & File Anti-Virus → attach:paperclip: Reports to your reply?

Please post back?

Thank you:pray_tone3:

Flood:whale:

I am experiencing exactly the same. I am a scientist using jupyter lab within the Anaconda distribution for scientific coding. I was clever enought to define some exclusions in the web anti virus settings tab for localhost:8888, where I run my jupyter lab server. This solves the problems only for a few minutes. Afterwards the same error is thrown again:

[W 01:35:16.516 LabApp] 403 PUT /lab/api/workspaces/lab?1602891315216 (::1): '_xsrf' argument missing from POST
[W 01:35:16.516 LabApp] '_xsrf' argument missing from POST
[W 01:35:16.518 LabApp] 403 PUT /lab/api/workspaces/lab?1602891315216 (::1) 585.81ms referer=http://localhost:8888/lab
[W 01:35:16.979 LabApp] 403 PUT /lab/api/workspaces/lab?1602891316966 (::1): '_xsrf' argument missing from POST
[W 01:35:16.983 LabApp] '_xsrf' argument missing from POST
[W 01:35:16.984 LabApp] 403 PUT /lab/api/workspaces/lab?1602891316966 (::1) 13.99ms referer=http://localhost:8888/lab
[W 01:35:17.108 LabApp] 403 POST /api/sessions?1602891317096 (::1): '_xsrf' argument missing from POST
[W 01:35:17.108 LabApp] '_xsrf' argument missing from POST
[W 01:35:17.110 LabApp] 403 POST /api/sessions?1602891317096 (::1) 3.00ms referer=http://localhost:8888/lab
[W 01:35:17.112 LabApp] 403 POST /api/sessions?1602891317094 (::1): '_xsrf' argument missing from POST
[W 01:35:17.114 LabApp] '_xsrf' argument missing from POST
[W 01:35:17.114 LabApp] 403 POST /api/sessions?1602891317094 (::1) 7.00ms referer=http://localhost:8888/lab

 

If I completely deactivate anti bannner, the Jupyter Lab server is working just fine.
I suggest to your developers to consider this issue as urgent, since there are a lot of critical scientific tasks to be solved by Jupyter. In relation to the pandamic crysis, this may even save or destroy lifes.

Userlevel 7
Badge +9

Hello @pascal_94

Welcome!

  • Raise a request with Kaspersky Technical Support, fill in the KIS21, Application malfunction, Other template → see following image, include a GSI & Windows Logs, images & provide a detailed history with as much detail as possible, so Technical experts understand, also, in the request, include a link/URL to this Community topic; Support will probably request Traces, they will give you the steps required to collect the data

 

  • After submitting the case, you’ll receive an automated email with an INC+12digits reference number, then, normally, within 5 business days, a Kaspersky Technical Support human will communicate with you, also by email, you may continue to engage with the Kaspersky Technical Team via email or by updating the INC in your MyKaspersky account.
  • Please post the incident # here in your topic? 
  • Please share the outcome with the Community when it’s available?

Thank you:pray_tone3:

Flood:whale:+:whale2:

I have submitted a case.

The ticket ID is:

INC000011996316

 

Userlevel 7
Badge +4

Hello,

I am downloading this software, and the download speed is very slow. Before I test your problem, can you set it up here and see if the problem will be resolved.

BTW. Could you check anti-banner report in Detail Report Window. Is there any information in it? Does it related to the application?

Regards.

Userlevel 7
Badge +4

​Hello,

Pervious solution doesn’t take effect. You doesn’t take care it.

I have test the application. As a workaround, Please set your browser as trusted application just like this.

This set means you trust and avp doesn’t scan any network traffic from your local machine, just like 127.0.0.1 and localhost. So may problem come from localhost and loopback address.

I record a video to confirm this workaround will work fine: https://cloud.qainfo.ru/s/OgJFuLU66pr4OsP

Regards.

@Wesly.Zhang can you raise the concern of this issue to 2021 MR2 beta development to make sure it gets fixed in the next version?

Userlevel 7
Badge +4

@Wesly.Zhang can you raise the concern of this issue to 2021 MR2 beta development to make sure it gets fixed in the next version?


Hello @henryskyleung 

Sure. I will.

Userlevel 7
Badge +4

@Wesly.Zhang can you raise the concern of this issue to 2021 MR2 beta development to make sure it gets fixed in the next version?


Hello,

They have fixed this issue in 2021 MR2. So Let’s wait for this build release.

Regards.

Reply / Ответить