this way, you can ask if a particular event will be handled by the
shortcuts system. This takes away the need to special-case many
different possible keys which should be ignored by codemirror by
ignoring them en masse.
Our edit mode keyboard shortcuts don't distinguish between being in a
code cell or in a text cell, so it makes sense to handle both in one
place. This is a first step in that direction.
This code was repeated in both CodeCell and TextCell, both of which are
extensions of Cell, so this just unifies the logic in Cell.
TextCell had logic here to check if the cell was rendered or not, but I
don't believe it is possible to end up triggering such a code path.
(Should that be required, I can always just add back these methods to
TextCell, performing the .rendered==True check, and calling the Cell
prior to this, code mirror at_top would only return true on if the
cursor was at the first character of the top line. Now, pressing up
arrow on any character on the top line will take you to the cell above.
The same applies for the bottom line. Pressing down arrow would only go
to the next cell if the cursor was at a location *after* the last
character (something that is only possible to achieve in vim mode if the
last line is empty, for example). Now, down arrow on any character of
the last line will go to the next cell.
Adds HTML sanitization.
The basics:
- untrusted HTML is always sanitized, with no warning
(there is console logging for changes made)
- markdown is always treated as untrusted
- no warnings for simply excluded output (e.g. Javascript)
- CSS tags and attributes are always stripped from untrusted HTML
- never check whether HTML is "safe," only sanitize
- add 'Trust notebook' to File menu
