Open ThomasWollmann opened 5 years ago
Correct, they should be detected as xml. Would this be a feature request then ? We can sniff them to SVG, but we probably shouldn't display due to possible XSS attacks.
I agree that this can face security issues. Maybe one of the solutions in https://digi.ninja/blog/svg_xss.php is suitable for us?
When uploading SVGs they are always detected as some other dataformat.