Re: [svgwg] Dissallow inline <script> in SVG (#829) from Paul LeBeau via GitHub on 2021-03-01 (public-svg-issues@w3.org from March 2021)

From: Paul LeBeau via GitHub <sysbot+gh@w3.org>
Date: Mon, 01 Mar 2021 10:43:26 +0000
To: public-svg-issues@w3.org
Message-ID: <issue_comment.created-787847285-1614595405-sysbot+gh@w3.org>

Browsers already have a way to securely and safely display SVG files.  If they are loaded into an `<img>` or `background-image`, no `<script>` elements in the SVG will run.

-- 
GitHub Notification of comment by BigBadaboom
Please view or discuss this issue at https://github.com/w3c/svgwg/issues/829#issuecomment-787847285 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Monday, 1 March 2021 10:43:27 UTC