add notebook signing docs

2024-12-09 03:50:45 +08:00 · 2014-01-28 18:42:28 -08:00 · 2014-01-28 18:42:28 -08:00 · 542e9223e7
commit 542e9223e7
parent eb208b2d77
1 changed files with 29 additions and 0 deletions
--- a/docs/source/interactive/notebook.rst
+++ b/docs/source/interactive/notebook.rst
@ -462,6 +462,35 @@ on available options, use::
    :ref:`notebook_public_server`


+.. _signing_notebooks:
+
+Signing Notebooks
+-----------------
+
+To prevent untrusted code from executing on users' behalf when notebooks open,
+we have added a signature to the notebook, stored in metadata.
+The notebook server verifies this signature when a notebook is opened.
+If the signature stored in the notebook metadata does not match,
+javascript and HTML output will not be displayed on load,
+and must be regenerated by re-executing the cells.
+
+Any notebook that you have executed yourself *in its entirety* will be considered trusted,
+and its HTML and javascript output will be displayed on load.
+
+If you need to see HTML or Javascript output without re-executing,
+you can explicitly trust notebooks, such as those shared with you,
+or those that you have written yourself prior to IPython 2.0,
+at the command-line with::
+
+    $ ipython trust mynotebook.ipynb [other notebooks.ipynb]
+
+This just generates a new signature stored in each notebook.
+
+You can generate a new notebook signing key with::
+
+    $ ipython trust --reset
+
+
 Importing ``.py`` files
 -----------------------