summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJoey Hess <joey@kodama.kitenet.net>2008-10-20 21:51:33 -0400
committerJoey Hess <joey@kodama.kitenet.net>2008-10-20 21:51:33 -0400
commit59ef1ebe5dbe10b48024f48f665dceef8d735a88 (patch)
tree30141ceb2c16b60df876345b8123cfffc3f06900
parentcc311beef30bb73a460ce3c573401d6db2d85a80 (diff)
response
-rw-r--r--doc/bugs/SVG_files_not_recognized_as_images.mdwn14
1 files changed, 12 insertions, 2 deletions
diff --git a/doc/bugs/SVG_files_not_recognized_as_images.mdwn b/doc/bugs/SVG_files_not_recognized_as_images.mdwn
index 2339b075a..41452e7c1 100644
--- a/doc/bugs/SVG_files_not_recognized_as_images.mdwn
+++ b/doc/bugs/SVG_files_not_recognized_as_images.mdwn
@@ -1,5 +1,15 @@
-In ikiwiki 2.66, SVG images are not recognized as images. In ikiwiki.pm, the hardcoded list of image file extensions does not include ".svg", which it probably should unless there's some other issue about rendering SVGs?
+In ikiwiki 2.66, SVG images are not recognized as images. In ikiwiki.pm,
+the hardcoded list of image file extensions does not include ".svg", which
+it probably should unless there's some other issue about rendering SVGs?
The 'img' plugin also seems to not support SVGs.
-
+> SVG images can only be included via an `<object>`, `<embed>`, or
+> `<iframe>` tag. Or, perhaps as [inline SVG](http://wiki.svg.org/Inline_SVG).
+> The [[plugins/htmlscrubber]] strips all three tags since they can easily
+> be used maliciously. If doing inline SVG, I'd worry that the svg file
+> could be malformed and mess up the html, or even inject javascript. So,
+> the only options seem to be only supporting svgs on wikis that do not
+> sanitize their html, or assuming that svgs are trusted content and
+> embedding them inline. None of which seem particularly palatable.
+> --[[Joey]]