On Wednesday, January 17, 2018 at 4:44:38 AM UTC+13, Matthias Bussonnier
wrote:
>
> ... and a flag to disable it with a big warning ...
>
I think a simple name like “enable DNS insecure mode” would do the trick. I
don’t think big warnings are very useful: people just ignore them. But use
a
> My leaning would be to do it as an extra line of defence; given how
complex browsers are and the fact that Jupyter is designed to execute
arbitrary code, defence in depth makes sense.
I would be +1 on this.
Cheers.
2018-01-16 12:44 GMT-03:00 Matthias Bussonnier
Hi Thomas,
Thanks for the heads up, this is nice description. I think it's a good
idea to add this extra line of defense, and a flag to disable it with a big
warning, to give some people the time to upgrade the ability to update the
notebook server without deploying a large change to their
