How would this work for non-wmf wikis? what about executing JavaScript that
is posted to a approved wiki? This would make XSS and a whole host of other
problems a lot easier to do. So we whitelist
commons.wikimedia.org whats
stopping a user from making a user subpage with some JS code that executes
something arbitrary? Leaving SVG without external media is honestly the
best way of doing it. Would you really trust a file that can load just
about anything it wants arbitrarily?
On Tue, May 27, 2014 at 9:05 PM, C. Scott Ananian <cananian(a)wikimedia.org>wrote;wrote:
I agree that a simple whitelist might be workable, but
it does depend
on a bit of code auditing of librsvg to ensure that it can be done
robustly.
--scott
_______________________________________________
Wikitech-l mailing list
Wikitech-l(a)lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikitech-l