upstream/ipython Files · tools/mknbindex.py

Fix XSS reported on Security list...

Fix XSS reported on Security list No CVE-ID yet August 18, 2015 ----- Reported to Quantopian by Juan Broullón <thebrowfc@gmail.com>... If you create a new folder in the iPython file browser and set Javascript code as its name the code injected will be executed. So, if I create a folder called "><img src=x onerror=alert(document.cookie)> and then I access to it, the cookies will be prompted. The XSS code is also executed if you access a link pointing directly at the folder. jik ------

Fernando Perez - - Load All Authors

File last commit:

r9711:e20ba071


                r21633:3ab41641

Download file

             mknbindex.py
        
                    36 lines
            
             | 1.3 KiB
            
                | text/x-python
            
             |
                PythonLexer
            
             / tools / mknbindex.py
          
                    History
                
                 |
                  Annotation
                 | Raw
                 |Copy content
                 |Copy permalink

      #!/usr/bin/env python

      """Simple script to auto-generate the index of notebooks in a given directory.

      """

      import glob

      import urllib

      notebooks = sorted(glob.glob('*.ipynb'))

      tpl = ( '* [{0}](http://nbviewer.ipython.org/url/github.com/ipython/ipython/'

              'raw/master/examples/notebooks/{1})' )

      idx = [ 

      """# A collection of Notebooks for using IPython effectively

      The following notebooks showcase multiple aspects of IPython, from its basic

      use to more advanced scenarios.  They introduce you to the use of the Notebook

      and also cover aspects of IPython that are available in other clients, such as

      the cell magics for multi-language integration or our extended display

      protocol.

      For beginners, we recommend that you start with the 5-part series that

      introduces the system, and later read others as the topics interest you.

      Once you are familiar with the notebook system, we encourage you to visit our

      [gallery](https://github.com/ipython/ipython/wiki/A-gallery-of-interesting-IPython-Notebooks)

      where you will find many more examples that cover areas from basic Python

      programming to advanced topics in scientific computing.

      """]

      idx.extend(tpl.format(nb.replace('.ipynb',''), urllib.quote(nb)) 

                 for nb in notebooks)

      with open('README.md', 'w') as f:

          f.write('\n'.join(idx))

          f.write('\n')

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages

				#!/usr/bin/env python
				"""Simple script to auto-generate the index of notebooks in a given directory.
				"""

				import glob
				import urllib

				notebooks = sorted(glob.glob('*.ipynb'))

				tpl = ( '* [{0}](http://nbviewer.ipython.org/url/github.com/ipython/ipython/'
				'raw/master/examples/notebooks/{1})' )

				idx = [
				"""# A collection of Notebooks for using IPython effectively

				The following notebooks showcase multiple aspects of IPython, from its basic
				use to more advanced scenarios. They introduce you to the use of the Notebook
				and also cover aspects of IPython that are available in other clients, such as
				the cell magics for multi-language integration or our extended display
				protocol.

				For beginners, we recommend that you start with the 5-part series that
				introduces the system, and later read others as the topics interest you.

				Once you are familiar with the notebook system, we encourage you to visit our
				[gallery](https://github.com/ipython/ipython/wiki/A-gallery-of-interesting-IPython-Notebooks)
				where you will find many more examples that cover areas from basic Python
				programming to advanced topics in scientific computing.
				"""]

				idx.extend(tpl.format(nb.replace('.ipynb',''), urllib.quote(nb))
				for nb in notebooks)

				with open('README.md', 'w') as f:
				f.write('\n'.join(idx))
				f.write('\n')