monkeyking

Commit Graph

Author	SHA1	Message	Date
Paul Ivanov	b9e448b160	DRY: refactor common keyboard handling to Cell Our edit mode keyboard shortcuts don't distinguish between being in a code cell or in a text cell, so it makes sense to handle both in one place. This is a first step in that direction.	12 years ago
Paul Ivanov	15f4345ba3	typo, use keycodes object instead of magic numbers	12 years ago
Paul Ivanov	bf3ecdb35f	DRY: factor out common handle_keyevent method This method was identical in both CodeCell and TextCell	12 years ago
Paul Ivanov	71d4c427c9	refactor to improve cell switching in edit mode This code was repeated in both CodeCell and TextCell, both of which are extensions of Cell, so this just unifies the logic in Cell. TextCell had logic here to check if the cell was rendered or not, but I don't believe it is possible to end up triggering such a code path. (Should that be required, I can always just add back these methods to TextCell, performing the .rendered==True check, and calling the Cell prior to this, code mirror at_top would only return true on if the cursor was at the first character of the top line. Now, pressing up arrow on any character on the top line will take you to the cell above. The same applies for the bottom line. Pressing down arrow would only go to the next cell if the cursor was at a location after the last character (something that is only possible to achieve in vim mode if the last line is empty, for example). Now, down arrow on any character of the last line will go to the next cell.	12 years ago
Paul Ivanov	8889a7581c	start better keyboard handling	12 years ago
Brian E. Granger	1407b4347e	Merge pull request #5268 from ellisonbg/cmd-mode Refactoring Notebook.command_mode	12 years ago
Min RK	aaedd1a311	Merge pull request #5283 from takluyver/widget-del Remove Widget.closed attribute	12 years ago
Thomas Kluyver	95dc697e3b	Remove Widget.closed attribute Closes gh-5282	12 years ago
MinRK	7d87978a66	fix a typo introduced by a rebased PR caused heading cells to appear in both rendered and unrendered state	12 years ago
Jonathan Frederic	de9b5b907e	Fab CSS	12 years ago
juhasch	72864cc83c	append Firefox overflow-x fix	12 years ago
MinRK	3588fe40a9	Merge Security Pull Request: google-caja Adds HTML sanitization. The basics: - untrusted HTML is always sanitized, with no warning (there is console logging for changes made) - markdown is always treated as untrusted - no warnings for simply excluded output (e.g. Javascript) - CSS tags and attributes are always stripped from untrusted HTML - never check whether HTML is "safe," only sanitize - add 'Trust notebook' to File menu	12 years ago
MinRK	54e1558c16	make trust notebook dialog a single paragraph	12 years ago
MinRK	8cd744db85	mention that Trust triggers reload	12 years ago
MinRK	9396619f9d	security.js docstrings	12 years ago
Brian E. Granger	4e0a2ee476	Make sure we are in command mode before we select a new cell.	12 years ago
Brian E. Granger	8d38e042df	Merge pull request #5158 from ivanov/fix-5157 log refusal to serve hidden directories	12 years ago
MinRK	d8f2e320f2	trust method docstrings	12 years ago
MinRK	d5b0026cf1	trust via mark cells and save, rather than trust API request	12 years ago
MinRK	e7f3c05d28	remove unused get_attr_names	12 years ago
MinRK	6792d38215	log excluded untrusted output	12 years ago
MinRK	aaefc5f296	remove warning for stripped output	12 years ago
MinRK	b5c8a51331	disable trust notebook menu item on trusted notebooks	12 years ago
MinRK	c9c23cd71c	cleanup test_nbmanager use class setUp / teardown instead of the same context manager in every test	12 years ago
MinRK	1ae689f30c	Add Trust Notebook to File menu	12 years ago
MinRK	46665483ed	remove struct-returning sanitize only keep str-str sanitization	12 years ago
MinRK	d4780c2cfc	remove security.is_safe	12 years ago
MinRK	d59e44a190	default to allow_css = false	12 years ago
MinRK	4d35660f3c	sanitize CSS rather than removing it entirely	12 years ago
MinRK	d7b1e8b45b	test style	12 years ago
MinRK	5f7f1c51ec	remove unused security warning	12 years ago
MinRK	c49f04545a	don't use `result.safe` to communicate incomplete information	12 years ago
MinRK	028ce17c62	fix tagName comparison	12 years ago
MinRK	a7dc526b2b	testing for sanitize	12 years ago
MinRK	3897b1c39f	don't populate sanitized.safe by default since it's potentially expensive. walk nodes in is_safe	12 years ago
MinRK	6384502e47	sanitize untrusted HTML output rather than checking is_safe	12 years ago
MinRK	3d0957c7bc	trust latex If mathjax is insecure, we have big problems. And we already trust mathjax in markdown cells, so this is consistent.	12 years ago
MinRK	4b01948200	check trust of data-attributes in sanitization	12 years ago
MinRK	367b4f85c2	wrap caja.sanitizeAttribs to trust data-* attributes	12 years ago
MinRK	c298670a4b	use html-sanitizer instead of html-css always scrub css (for now)	12 years ago
MinRK	eec5d427a4	add cmp_tree, in case caja log can't be trusted (spoiler: it can't)	12 years ago
MinRK	0da66543a0	move security js test	12 years ago
MinRK	890c0be1dd	always sanitize markdown don't check if it's safe or not	12 years ago
MinRK	2a0451fdde	use google-caja for sanitization	12 years ago
Brian E. Granger	07cdb1e195	Adding first round of security tests of is_safe.	12 years ago
Brian E. Granger	3b262912a1	Display safe HTML+SVG even if untrusted, but don't set trusted=1.	12 years ago
Brian E. Granger	31c9e08fa8	Don't render insecure Markdown and show warning.	12 years ago
Brian E. Granger	fa3f998295	Adding security.js with 1st attempt at is_safe.	12 years ago
Brian E. Granger	6f4263dc74	Removing conditionals that are not needed.	12 years ago
Paul Ivanov	6c8cccf9e3	fix test suite is_hidden expects the file to actually exist, so I've rearranged the logic such that is_hidden is called only after it's clear that the file exists.	12 years ago

1 2 3 4 5 ...

1599 Commits (b9e448b160d2336cb433294dc50db6d36d75eae9)