We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Is your feature request related to a problem? Please describe. No, but would be nice to have a single sanitizing library/package
Describe the solution you'd like SVG files, unlike other image formats are based on XML so they can store malicious tags eg:
<?xml version="1.0" standalone="no"?> <!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd"> <svg version="1.1" baseProfile="full" > <polygon id="triangle" points="0,0 0,50 50,0" fill="#009900" stroke="#004400"/> <script type="text/javascript"> alert(document.domain); </script> </svg>
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 500 500"> <script>//<![CDATA[ alert(document.domain) //]]> </script> </svg>
Describe alternatives you've considered N/A
The text was updated successfully, but these errors were encountered:
No branches or pull requests
Is your feature request related to a problem? Please describe.
No, but would be nice to have a single sanitizing library/package
Describe the solution you'd like
SVG files, unlike other image formats are based on XML so they can store malicious tags eg:
Describe alternatives you've considered
N/A
The text was updated successfully, but these errors were encountered: