You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Is there somebody who has a SVG policy to merge into an existing one?
I started writing something like the following. Any thoughts on what to exclude to make it safer? For the moment I removed the "script" element and the attributes "crossorigin", "ping" and all attributes starting with "on".
Perhaps this is a policy that could be added since SVG can mixed with HTML.
Is there somebody who has a SVG policy to merge into an existing one?
I started writing something like the following. Any thoughts on what to exclude to make it safer? For the moment I removed the "script" element and the attributes "crossorigin", "ping" and all attributes starting with "on".
Perhaps this is a policy that could be added since SVG can mixed with HTML.
The text was updated successfully, but these errors were encountered: