[NuGet.org Bug]: Images from github readmes are not shown on nuget.org (domain not trusted).

[paulnsk]

Impact

It bothers me. A fix would be nice

Describe the bug

I just added a readme.md to my little nuget package. I did so by using github's built-in markdown editor. When an image is pasted into the editor, it is automatically uploaded to a location similar to this

![image](https://github.com/paulnsk/ConsoleTools/assets/39160578/2328bb9c-1772-450c-a626-7192709b9bde)

which is apparently not suitable for using on nuget.org.

Please include github.com/.../assets to the trusted domain list https://learn.microsoft.com/en-us/nuget/nuget-org/package-readme-on-nuget-org#allowed-domains-for-images-and-badges

Repro Steps

Create a repo on github. When prompted, add a readme file. An editor will open. Paste an image from clipboard and observe the URL as the editor adds the image reference to the readme.md

Expected Behavior

It would be nice to see actual images here

(https://www.nuget.org/packages/manage/upload)

Screenshots

No response

Additional Context and logs

No response

[joelverhagen]

cc @lyndaidaii who is expert in this area

[sailro]

Hitting the same issue. Indeed https://github.com/<user>/<project>/assets/* should be trusted given it is the default on the GitHub side for all pasted images in their markdown editor.

[sailro]

Same here: https://github.com/NuGet/NuGetGallery/issues/9696

[sailro]

Same here: https://github.com/NuGet/NuGetGallery/issues/9621