On 03/26/2015 07:32 PM, David Dailey wrote:
> Very interesting considerations. In fussing around with things at Wikipedia
> and Ello, I stumbled into the "no external resources" rule, since I wanted
> bitmaps inside an SVG, and found I had to use base64 encoding of said
> bitmaps to make it happen.  I realized, at the time, why external resources
> would be a security/privacy risk to the audience, but wondered if a
> same-domain exception might be applied. If a resource (like an image file)
> came from the same domain, is there still a problem with that?

As I think Doug suggested elsewhere in this thread, let's try to keep
this thread focused on a single topic (interactive animations in <img>,
per the current subject-line). If you want to start a discussion about
allowing same-domain external resources, please start a separate thread
about that.

Briefly, though, the reason there's no same-domain exception is: sites
may have open redirectors, which means we don't really know that "same
origin" URLs are actually "same origin". See and

> but all that sniffing data would
> stay under the ever careful and respectful auspices of the social network
> wouldn't it?

Not if the social network has an open redirector, per above. (like )

Anyway, if you have further thoughts on this, let's start a new thread.
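
The open-redirector point above, as an added example that is not part of the original message: a check on the URL as written in the SVG passes, while a check over every hop of the redirect chain does not. The hosts social.example and tracker.example, the redirect table and all function names are constructed for illustration.

```javascript
// Constructed redirect table standing in for server responses (hypothetical hosts).
// The first entry models an open redirector on the hosting site.
const REDIRECTS = new Map([
  ["https://social.example/go?to=https://tracker.example/pixel.png",
   "https://tracker.example/pixel.png"],
  ["https://social.example/avatar/42",
   "https://social.example/static/avatars/42.png"],
]);

function origin(url) {
  return new URL(url).origin;
}

// Naive check: looks only at the URL as it appears in the SVG markup.
function naiveSameOrigin(docUrl, resourceUrl) {
  return origin(new URL(resourceUrl, docUrl).href) === origin(docUrl);
}

// Follow the redirect chain and return every URL visited, in order.
function resolveChain(startUrl, redirects, maxHops = 5) {
  const chain = [startUrl];
  let current = startUrl;
  while (redirects.has(current)) {
    if (chain.length > maxHops) throw new Error("too many redirects");
    current = new URL(redirects.get(current), current).href;
    chain.push(current);
  }
  return chain;
}

// Stricter check: every hop, including the final one, must stay on the
// document's origin. A single cross-origin hop fails the resource.
function effectiveSameOrigin(docUrl, resourceUrl, redirects) {
  const docOrigin = origin(docUrl);
  const start = new URL(resourceUrl, docUrl).href;
  return resolveChain(start, redirects).every((hop) => origin(hop) === docOrigin);
}

const doc = "https://social.example/post/1.svg";
for (const href of ["/go?to=https://tracker.example/pixel.png", "/avatar/42"]) {
  console.log(href,
    "naive:", naiveSameOrigin(doc, href),
    "effective:", effectiveSameOrigin(doc, href, REDIRECTS));
}
```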

