New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →

jupyterlab-xssguard

Package Overview

Dependencies

Advanced tools

Install Socket

Detect and block malicious and high-risk dependencies

Install

jupyterlab-xssguard

A JupyterLab extension to insert code block output into iframe.

1.0.1
PyPI

Maintainers: 1

jupyterlab-xssguard

A JupyterLab extension that mitigates XSS attacks by sandboxing the HTML output element of code cells.

The extension works by embedding the HTML output of code cells inside a sandboxed iframe, that disallows access to its parent document.

In case of an XSS attack such as CVE-2024-27132, the JavaScript payload will not be able to escape the plugin's sandbox to run arbitrary Python code or access sensitive DOM elements.

No XSSGuard

before

With XSSGuard

after

Requirements

JupyterLab >= 4.0.0

Installation

We recommend installing the extension through JupyterLab's Extension Manager -

install

For a standalone installation, execute:

pip install jupyterlab-xssguard

Keywords

FAQs

What is jupyterlab-xssguard?

Is jupyterlab-xssguard well maintained?

Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

jupyterlab-xssguard

jupyterlab-xssguard

No XSSGuard

With XSSGuard

Requirements

Installation

Keywords

Related posts

Linux Foundation Warns Open Source Developers: Compliance with Sanctions Is Not Optional

Maven Central Adds Sigstore Signature Validation