On 05/27/2014 12:37 PM, "Christian Müller" wrote:
Point 2) should be considered the easiest implementation, 1) is harder to implement but gives even more freedom to SVG creators and would adhere more closely to SVG standard. However, another argument for 2) would be the licensing issue: It ensures that only images are linked to that have been properly licensed by commons users and the upload process (and if a license violation is detected and the linked-to bitmap removed from commons, the SVG using such a bitmap breaks gracefully).
The problem with either is that, short of installing a very complicated and brittle full URL parser in the SVG validation code, you open the door to a number of very nearly insurmountable (and highly catastrophic) security issues, the most important of which is that you then allow anyone able to upload an image the capability to force either the client or (worse) the image scalers to perform an arbitrary GET on the projects -- including such things as API calls simply by viewing or processing an image.
Even stringent validation is brittle and opens a number of hard to track security vulnerabilities.
-- Marc