[IPython-dev] Some Thoughts on Notebook Security
Tue Dec 11 00:11:47 CST 2012
Oh, yes forgot about that, we will have to clean that HTML as well.
On Mon, Dec 10, 2012 at 10:05 PM, Jason Grout
> On 12/10/12 10:12 PM, Brian Granger wrote:
>> into eval. This only happens when code is run, not when the notebook
>> is loaded, so it is less critical, but still needs to be fixed.
>> objects altogether.
>> Will these two things not completely fix the security problems we
>> currently have?
> It appears that IPython.core.display.HTML() allows <script> tags in the
> html the user submits:
> import IPython
> IPython-dev mailing list
Brian E. Granger
Cal Poly State University, San Luis Obispo
firstname.lastname@example.org and email@example.com
More information about the IPython-dev