W3C home > Mailing lists > Public > public-webappsec@w3.org > July 2014

Re: img-src and inline <svg>

From: Mike West <mkwst@google.com>
Date: Sat, 26 Jul 2014 09:03:11 +0200
Message-ID: <CAKXHy=ffWzpf+HEdbrT=7pjmpsMvYRF46aKZQjJep+hq5zmEYQ@mail.gmail.com>
To: Brad Hill <hillbrad@gmail.com>
Cc: "public-webappsec@w3.org" <public-webappsec@w3.org>
Makes sense to me.

-mike
--
Mike West <mkwst@google.com>
Google+: https://mkw.st/+, Twitter: @mikewest, Cell: +49 162 10 255 91

Google Germany GmbH, Dienerstrasse 12, 80331 München, Germany
Registergericht und -nummer: Hamburg, HRB 86891
Sitz der Gesellschaft: Hamburg
Geschäftsführer: Graham Law, Christine Elizabeth Flores
(Sorry; I'm legally required to add this exciting detail to emails. Bleh.)


On Fri, Jul 25, 2014 at 9:53 PM, Brad Hill <hillbrad@gmail.com> wrote:
> Should we require 'unsafe-inline' in img-src to allow inline SVG to be rendered?
>
> -Brad
>
Received on Saturday, 26 July 2014 07:03:58 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:06 UTC