lucaspalomodevelop/indico-plugins
1
0
Fork 0
mirror of https://github.com/lucaspalomodevelop/indico-plugins.git synced 2026-03-12 23:27:22 +00:00
Code Issues Packages Projects Releases Wiki Activity
indico-plugins/previewer_jupyter/indico_previewer_jupyter/controllers.py
Indico Team b16a368ba1 Happy new year 2016! 
Bump license headers to 2016
2016-01-01 04:59:45 +01:00

62 lines
2.5 KiB
Python
Raw Blame History

# This file is part of Indico.
# Copyright (C) 2002 - 2016 European Organization for Nuclear Research (CERN).
#
# Indico is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation; either version 3 of the
# License, or (at your option) any later version.
#
# Indico is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with Indico; if not, see <http://www.gnu.org/licenses/>.
import nbformat
from flask import session, render_template, request
from nbconvert.exporters import HTMLExporter
from traitlets.config import Config
from werkzeug.exceptions import Forbidden
from indico.modules.attachments import Attachment
from MaKaC.webinterface.rh.base import RH
from indico_previewer_jupyter.cpp_highlighter import CppHighlighter
class RHEventPreviewIPyNB(RH):
def _checkProtection(self):
RH._checkProtection(self)
if not self.attachment.can_access(session.user):
raise Forbidden
def _checkParams(self, params):
RH._checkParams(self, params)
self.attachment = Attachment.find_one(id=request.view_args['attachment_id'], is_deleted=False)
def _process(self):
config = Config()
config.HTMLExporter.preprocessors = [CppHighlighter]
config.HTMLExporter.template_file = 'full'
with self.attachment.file.open() as f:
notebook = nbformat.read(f, as_version=4)
html_exporter = HTMLExporter(config=config)
body, resources = html_exporter.from_notebook_node(notebook)
css_code = '\n'.join(resources['inlining'].get('css', []))
# Use CSP to restrict access to possibly malicious scripts or inline JS
csp_header = "script-src 'self' cdn.mathjax.org cdnjs.cloudflare.com;"
self._responseUtil.headers['Content-Security-Policy'] = csp_header
self._responseUtil.headers['X-Webkit-CSP'] = csp_header
# IE10 doesn't have proper CSP support, so we need to be more strict
self._responseUtil.headers['X-Content-Security-Policy'] = "sandbox allow-same-origin;"
return render_template('previewer_jupyter:ipynb_preview.html', attachment=self.attachment,
html_code=body, css_code=css_code)
Reference in New Issue View Git Blame Copy Permalink