Sven Slootweg joepie91

paragonie-scott / SVG
Last active Sep 19, 2016
image/svg+xml considered harmful: an open letter to


Filed an issue to address this particular concern.

Thanks joepie91 for finding the folks responsible and getting the conversation started.

Currently, SVG is a security foot-cannon that allows attackers to upload a Stored XSS payload when a user views the image directly. Example.
