Closed vincentbernat closed 2 years ago
When used in an image context, SVG cannot execute scripts, be styled or fetch additional resources. So, they are as safe as other formats.
When used in a <a> tag, it could starts executing JS, but only in its own context, so it shouldn't be dangerous either.
<a>
This raises the question on which image format is dangerous.
When used in an image context, SVG cannot execute scripts, be styled or fetch additional resources. So, they are as safe as other formats.
When used in a
<a>tag, it could starts executing JS, but only in its own context, so it shouldn't be dangerous either.This raises the question on which image format is dangerous.