Answer the question
In order to leave comments, you need to log in
How to safely upload SVG to a website?
It is necessary to add the ability for users to upload SVG images to the site. Is there any way to safely load SVG so that malicious code cannot be embedded in it?
Answer the question
In order to leave comments, you need to log in
"Big Uncles" host SVGs uploaded by users on a separate (sub)domain.
For example, wikipedia keeps them on upload.wikimedia.org
whatever script is embedded in the downloadable SVG, executing it won't do anything for the villain, because The Same Origin Policy of browsers keeps it in a separate sandbox and does not allow access to the content and cookies of the main site.
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question