mirror of
https://github.com/jupyter/notebook.git
synced 2024-12-21 04:10:17 +08:00
35f32dd2da
No CVE-ID yet August 18, 2015 ----- Reported to Quantopian by Juan Broullón <thebrowfc@gmail.com>... If you create a new folder in the iPython file browser and set Javascript code as its name the code injected will be executed. So, if I create a folder called "><img src=x onerror=alert(document.cookie)> and then I access to it, the cookies will be prompted. The XSS code is also executed if you access a link pointing directly at the folder. jik ------ |
||
|---|---|---|
| docs | ||
| git-hooks | ||
| notebook | ||
| scripts | ||
| tools | ||
| .bowerrc | ||
| .gitignore | ||
| .gitmodules | ||
| .mailmap | ||
| .travis.yml | ||
| bower.json | ||
| CONTRIBUTING.md | ||
| COPYING.md | ||
| Dockerfile | ||
| MANIFEST.in | ||
| package.json | ||
| README.md | ||
| setup.cfg | ||
| setup.py | ||
| setupbase.py | ||
Jupyter Notebook
The Jupyter HTML notebook is a web-based notebook environment for interactive computing.
Dev quickstart:
- ensure that you have node/npm installed (e.g.
brew install nodeon OS X) - Clone this repo and cd into it
pip install --pre -e .
NOTE: For Debian/Ubuntu systems, if you're installing the system node you need to use the 'nodejs-legacy' package and not the 'node' package.
Launch with:
jupyter notebook
Example installation (tested on Ubuntu Trusty):
sudo apt-get install nodejs-legacy npm python-virtualenv python-dev
# ensure setuptools/pip are up-to-date
pip install --upgrade setuptools pip
git clone https://github.com/jupyter/notebook.git
cd notebook
pip install --pre -e .
jupyter notebook