search

jupyter-book / thebe

Turn static HTML pages into live documents with Jupyter kernels.
https://thebe.readthedocs.io
BSD 3-Clause "New" or "Revised" License
395 stars 68 forks source link

Should the default selector be `pre[data-executable=true]` rather than just `[data-executable]`? #50

Open nthiery opened 6 years ago

nthiery commented 6 years ago

Currently, with the default selector, any tag with data-executable will be made into a cell. Also, you can't explicitly deactivate a cell by using data-executable=false.

cc: @sebasguts

vishwesh5 commented 6 years ago

Hi @nthiery! Do we have an option of making a cell read-only? Similar to what thebe used to have.

nthiery commented 6 years ago

Do we have an option of making a cell read-only? Similar to what thebe used to have.

You mean that the user can not change, but still execute?

Not as far as I know. This sounds natural though and presumably should take just a couple lines + adding one option in the configuration. thebelab is meant to remain lightweight though; so @minrk may have an opinion about whether we are reaching feature creep; this depends also on the demand.

I don't know myself enough JupyterLab to implement it at once myself. Contribution welcome :-)

vishwesh5 commented 6 years ago

Hi again @nthiery! Actually, I was thinking since the entire thing can be an issue from security perspective, if we can stop the users from editing, it will be great. I would wait to hear @minrk's opinion regarding this. Meanwhile I will try to implement this from my side as well.

Thanks!

nthiery commented 6 years ago

Actually, I was thinking since the entire thing can be an issue from security perspective, if we can stop the users from editing, it will be great.

Hmm, I would not use this feature for security purpose: if the browser can execute the command, then most likely a user can forge a page that can execute a variant of the command.

Cheers,

vishwesh5 commented 6 years ago

Umm, what I had as an idea is this. I am planning to right a blog post with some Deep Learning examples. I thought that maybe along with the theory, I will use this feature. If I can make the cells read-only, I can at least make it difficult for them to run some different code. Also, to further save myself, I thought of asking users to use local server. That way if they just want to read the code, they can and if they want to run it, they can run a simple jupyter server.

What do you think about this approach?

Thanks!