Sandbox HTML output in an iframe #997
Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import {ArrayType, MapType, OptionalType, StructField, StructType} from "../../data/data_type"; | ||
| import embed from "vega-embed"; | ||
|
|
||
| const frames: Record<number, HTMLIFrameElement> = {}; |
There was a problem hiding this comment.
Maybe it would be better if this was scoped to each notebook?
There was a problem hiding this comment.
I'm not sure what the practical benefit would be, other than guilt about global state in JavaScript-land. This is a big stupid workaround to begin with; I figured there was no point in pretending it wasn't 😛
| resizeTimeout = window.setTimeout(updateSizes, 250); | ||
| }) | ||
|
|
||
| function updateSizes() { |
There was a problem hiding this comment.
Does this still work if the frame is currently out of view (when another notebook tab is selected)?
There was a problem hiding this comment.
I think so? I mean the function will work, but I don't know what the frame will say about itself if its host iframe isn't in the DOM. 😬
jonathanindig
approved these changes
Dec 3, 2020
22e8ebf to
c6d364a
Compare
670786d to
a4df1a1
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Sandbox HTML output in an iframe.
This is to prevent malicious HTML from accessing the notebook or communicating with the server.
An attempt is made to keep the iframe sized to its content so that it looks like it's reasonably inline. But this is tricky and will probably need some refinement as issues are discovered.