Jonathan Frederic
|
03ceccf7a1
|
Re-add ignore_minified_js
|
10 years ago |
|
Jonathan Frederic
|
d340a794fc
|
Compile services/contents
|
10 years ago |
|
Jonathan Frederic
|
508804153a
|
Remove ignore minified
|
10 years ago |
Diego Mesa
|
482ed8a5a3
|
updating log.warn to log.warning
|
10 years ago |
Min RK
|
c280b773fb
|
use session.deserialize to unpack message for rate limiting
rather than hardcoding json.loads
Messages should **never** be deserialized by any means other than the Session API.
|
10 years ago |
|
Min RK
|
8aa4f1e60c
|
allow zmq check_origin with no args
terminado may call `self.check_origin()`
in which case we should grab origin from the headers.
|
10 years ago |
Steven Silvester
|
fe03de7471
|
Avoid error when using a cross-origin websocket
|
10 years ago |
Jeroen Demeyer
|
17b3643891
|
Interpret mathjax_url relative to base_url
|
10 years ago |
|
Min RK
|
c2c39a7c9d
|
move common websocket methods to WebSocketMixin
- origin check
- ws ping
used by both kernels and terminals
|
10 years ago |
Jonathan Frederic
|
831b2a523b
|
Merge pull request #472 from minrk/base-url-always-encoded
avoid double-encoding base_url
|
10 years ago |
|
Steven Silvester
|
65eb248209
|
Add the method to the correct base class
|
10 years ago |
|
Min RK
|
8de725a8de
|
server-side fixes for double-escaped base_url
|
10 years ago |
Zach Schwartz
|
2e16713e32
|
moved check_origin to IPythonHandler
|
11 years ago |
Matthias Bussonnier
|
2d5d548d79
|
Revert "Use NPM, node ES5, and browserify."
|
11 years ago |
|
Jonathan Frederic
|
81a2998fe0
|
Dynamically load contents, also browserify contents.
|
11 years ago |
|
Matthias Bussonnier
|
d4b1e9aa99
|
Wrong default.
Change from True to False after rename from use_bundle to ignore_minified_js
|
11 years ago |
|
Matthias Bussonnier
|
f9ad56e206
|
Add option to not use minified javascript and ease developpement.
|
11 years ago |
|
Min RK
|
b001be2c82
|
check origin of API requests
protects agains CSRF on POST endpoints via forms.
|
11 years ago |
|
Min RK
|
e4cc3a6ea2
|
FileFindHandler inherits from IPythonHandler
in order to get default CSP headers
|
11 years ago |
|
Min RK
|
5403d2479d
|
make content_security_policy a property
and *add* `default-src: 'none'` to API handlers
custom CSP applies to all handlers
|
11 years ago |
|
Min RK
|
709ed0d04b
|
Add APIHandler base class
- ensures all API responses are json
- sets CSP to prevent js execution on all API replies
|
11 years ago |
|
Min RK
|
1a91f8ce74
|
remove clusters tab from notebook
moving to an nbextension in ipyparallel
|
11 years ago |
|
Min RK
|
d71a59cc9f
|
s/jupyter_notebook/notebook
|
11 years ago |
