add notebook signing docs

This commit is contained in:
MinRK 2014-01-28 18:42:28 -08:00
parent eb208b2d77
commit 542e9223e7

View File

@ -462,6 +462,35 @@ on available options, use::
:ref:`notebook_public_server`
.. _signing_notebooks:
Signing Notebooks
-----------------
To prevent untrusted code from executing on users' behalf when notebooks open,
we have added a signature to the notebook, stored in metadata.
The notebook server verifies this signature when a notebook is opened.
If the signature stored in the notebook metadata does not match,
javascript and HTML output will not be displayed on load,
and must be regenerated by re-executing the cells.
Any notebook that you have executed yourself *in its entirety* will be considered trusted,
and its HTML and javascript output will be displayed on load.
If you need to see HTML or Javascript output without re-executing,
you can explicitly trust notebooks, such as those shared with you,
or those that you have written yourself prior to IPython 2.0,
at the command-line with::
$ ipython trust mynotebook.ipynb [other notebooks.ipynb]
This just generates a new signature stored in each notebook.
You can generate a new notebook signing key with::
$ ipython trust --reset
Importing ``.py`` files
-----------------------