##// END OF EJS Templates
upstream » ipython
RSS

Clone from https://github.com/ipython/ipython.git

Fix XSS reported on Security list...
Fix XSS reported on Security list No CVE-ID yet August 18, 2015 ----- Reported to Quantopian by Juan Broullón <thebrowfc@gmail.com>... If you create a new folder in the iPython file browser and set Javascript code as its name the code injected will be executed. So, if I create a folder called "><img src=x onerror=alert(document.cookie)> and then I access to it, the cookies will be prompted. The XSS code is also executed if you access a link pointing directly at the folder. jik ------
MinRK - - Load All Authors

File last commit:

r10201:06a54042
r21633:3ab41641
Show More
__init__.py
72 lines | 2.1 KiB | text/x-python | PythonLexer
/ IPython / parallel / __init__.py
History | Annotation | Raw |Copy content |Copy permalink
"""The IPython ZMQ-based parallel computing interface.
Authors:
* MinRK
"""
#-----------------------------------------------------------------------------
# Copyright (C) 2011 The IPython Development Team
#
# Distributed under the terms of the BSD License. The full license is in
# the file COPYING, distributed as part of this software.
#-----------------------------------------------------------------------------
#-----------------------------------------------------------------------------
# Imports
#-----------------------------------------------------------------------------
import os
import warnings
import zmq
from IPython.config.configurable import MultipleInstanceError
from IPython.utils.zmqrelated import check_for_zmq
min_pyzmq = '2.1.11'
check_for_zmq(min_pyzmq, 'IPython.parallel')
from IPython.utils.pickleutil import Reference
from .client.asyncresult import *
from .client.client import Client
from .client.remotefunction import *
from .client.view import *
from .controller.dependency import *
from .error import *
from .util import interactive
#-----------------------------------------------------------------------------
# Functions
#-----------------------------------------------------------------------------
def bind_kernel(**kwargs):
"""Bind an Engine's Kernel to be used as a full IPython kernel.
This allows a running Engine to be used simultaneously as a full IPython kernel
with the QtConsole or other frontends.
This function returns immediately.
"""
from IPython.kernel.zmq.kernelapp import IPKernelApp
from IPython.parallel.apps.ipengineapp import IPEngineApp
# first check for IPKernelApp, in which case this should be a no-op
# because there is already a bound kernel
if IPKernelApp.initialized() and isinstance(IPKernelApp._instance, IPKernelApp):
return
if IPEngineApp.initialized():
try:
app = IPEngineApp.instance()
except MultipleInstanceError:
pass
else:
return app.bind_kernel(**kwargs)
raise RuntimeError("bind_kernel be called from an IPEngineApp instance")