|
|
|
|
@ -78,6 +78,13 @@ class NbconvertFileHandler(IPythonHandler):
|
|
|
|
|
|
|
|
|
|
SUPPORTED_METHODS = ('GET',)
|
|
|
|
|
|
|
|
|
|
@property
|
|
|
|
|
def content_security_policy(self):
|
|
|
|
|
# In case we're serving HTML/SVG, confine any Javascript to a unique
|
|
|
|
|
# origin so it can't interact with the notebook server.
|
|
|
|
|
return super(NbconvertFileHandler, self).content_security_policy + \
|
|
|
|
|
"; sandbox allow-scripts"
|
|
|
|
|
|
|
|
|
|
@web.authenticated
|
|
|
|
|
def get(self, format, path):
|
|
|
|
|
|
|
|
|
|
@ -145,6 +152,13 @@ class NbconvertFileHandler(IPythonHandler):
|
|
|
|
|
class NbconvertPostHandler(IPythonHandler):
|
|
|
|
|
SUPPORTED_METHODS = ('POST',)
|
|
|
|
|
|
|
|
|
|
@property
|
|
|
|
|
def content_security_policy(self):
|
|
|
|
|
# In case we're serving HTML/SVG, confine any Javascript to a unique
|
|
|
|
|
# origin so it can't interact with the notebook server.
|
|
|
|
|
return super(NbconvertPostHandler, self).content_security_policy + \
|
|
|
|
|
"; sandbox allow-scripts"
|
|
|
|
|
|
|
|
|
|
@web.authenticated
|
|
|
|
|
def post(self, format):
|
|
|
|
|
exporter = get_exporter(format, config=self.config)
|
|
|
|
|
|
Thomas Kluyver
8 years ago