[IPython-dev] Some Thoughts on Notebook Security
Tue Dec 11 00:05:59 CST 2012
On 12/10/12 10:12 PM, Brian Granger wrote:
> into eval. This only happens when code is run, not when the notebook
> is loaded, so it is less critical, but still needs to be fixed.
> objects altogether.
> Will these two things not completely fix the security problems we
> currently have?
It appears that IPython.core.display.HTML() allows <script> tags in the
html the user submits:
More information about the IPython-dev