W3C home > Mailing lists > Public > public-webappsec@w3.org > July 2014

img-src and inline <svg>

From: Brad Hill <hillbrad@gmail.com>
Date: Fri, 25 Jul 2014 12:53:05 -0700
Message-ID: <CAEeYn8jDLs-yp_Eh+eGCpqALPOL5yTM_RNfnP+qFYzrRVjFkrA@mail.gmail.com>
To: "public-webappsec@w3.org" <public-webappsec@w3.org>

Should we require 'unsafe-inline' in img-src to allow inline SVG to be rendered?

-Brad

Received on Friday, 25 July 2014 19:53:33 UTC

This message: [ Message body ]
Next message: Mike West: "Re: img-src and inline <svg>"
Previous message: Ian Hickson: "Re: [REFERRER] Where does "Determine request’s Referrer" get its URL from?"
Next in thread: Mike West: "Re: img-src and inline <svg>"
Reply: Mike West: "Re: img-src and inline <svg>"
Reply: Anne van Kesteren: "Re: img-src and inline <svg>"

Mail actions: [ respond to this message ] [ mail a new topic ]
Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]
Help: [ How to use the archives ] [ Search in the archives ]

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:06 UTC