Open klonos opened 1 year ago
Re the security concerns, I have opened #5965, to suggest that we move to using http://htmlpurifier.org for HTML filtering in CKEditor, but I see that there's also https://www.drupal.org/project/svg_sanitizer which is a more purpose-specific solution (uses https://github.com/darylldoyle/svg-sanitizer).
This topic comes up very frequently in the forum and the Zulip chat. There are currently a few concerns:
Despite the above, the format is very popular among designers (and browser support is above 99%), so it can be considered a flaw for Backdrop.