notebook: Regression: CSS styles in markdown not shown in v6.4.6
Describe the bug
A user reported on mailing list that CSS styles do not work for them. They somewhat incorrectly attributed it to a security fix in version 6.4.3. The facts are:
- version 6.4.4 contained a fix and worked well
- version 6.4.5 worked well
- version 6.4.6 regressed and the styles do not work any more in markdown cells
We saw that in JupyterLab too: https://github.com/jupyterlab/jupyterlab/issues/11473. This is not a result of any deliberate action taken by Jupyter maintainers; instead an update to klona
broke sanitize-html
which broke allowing to pass styles. I described this in https://github.com/jupyterlab/jupyterlab/issues/11473#issuecomment-974695619; the upstream issue is https://github.com/apostrophecms/sanitize-html/issues/510.
It appears that v6.4.6 was released using releaser. This seems to have pulled a newer version of klona. To counteract that I think that we need to update sanitize-html
and to do so we need to bump @jupyterlab/apputils
to 3.2.x get https://github.com/jupyterlab/jupyterlab/pull/11510; currently we have:
https://github.com/jupyter/notebook/blob/ea5bfc413f830c6809ca496773a6d1861077a6a9/package.json#L22
To Reproduce Steps to reproduce the behavior:
- Create markdown cell
- Enter
<span style="color: red; font-size: 30px">test</span>
- Render cell
- See that text is not red and not large
Expected behavior A clear and concise description of what you expected to happen.
Screenshots
Seen in 6.4.6:
Expected (and seen in 6.4.4 and 6.4.5):
Desktop (please complete the following information):
- OS: Ubuntu
- Browser Chrome
- Version 96
Additional context Add any other context about the problem here.
About this issue
- Original URL
- State: closed
- Created 2 years ago
- Comments: 16 (15 by maintainers)
I tested v6.4.7 and it fixes the issue locally for me. @gutow please let us know if the new release helps 😃
In any case, I think we can keep this ticket open to see if we can figure out why there is some installation-sequence dependency as reported by @gutow, but this would require some more user feedback to narrow down when it happens so we can triangulate.
v6.4.7 has been released. 🎉
6.4.7 looks like a fix for this regression! An install into a clean pipenv
pip install -U jupyter
picks notebook==6.4.7 and the style rendering works.Thank you.
I do not presently have time to try doing an update to a non-working installation to see if it also properly recovers that. I will try to get to that.