img-src and inline <svg>

• From: Brad Hill <hillbrad@gmail.com>
• Date: Fri, 25 Jul 2014 12:53:05 -0700
• To: "public-webappsec@w3.org" <public-webappsec@w3.org>
• Message-ID: <CAEeYn8jDLs-yp_Eh+eGCpqALPOL5yTM_RNfnP+qFYzrRVjFkrA@mail.gmail.com>

Should we require 'unsafe-inline' in img-src to allow inline SVG to be rendered?

-Brad

Received on Friday, 25 July 2014 19:53:33 UTC