On 6/23/13 1:03 AM, Adam Barth wrote: > It depends on how you load SVG. If you use <img src="foo.svg">, then > it's covered by the img-src directive. If you use <iframe > src="foo.svg">, then it's frame-src. If you use <object > data="foo.svg">, then it's object-src. We're talking specifically about SVG resource documents, not any of those. So filter(url) and company. -BorisReceived on Sunday, 23 June 2013 12:58:25 UTC
This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:02 UTC