The critical issue is *security*. Security is the reason the graph
extension is not enabled. Security is the reason why interactive SVGs are not enabled. Interactive visualizations have a programmatic element that consists of code that executes in the user's browser.
Gergő Tisza wrote:
Security is a challenge but could be worked around via iframes.
It is time to resolve this once and for all. How can we adjudicate this question and say definitively that iframes mitigate the security risk of running Javascript in the user's browser if certain specified requirements are met?