tag:blogger.com,1999:blog-9095199769828185336.comments2023-06-16T07:46:54.262+01:00<malicious></markup><malicious></markup>http://www.blogger.com/profile/09307330030699407775noreply@blogger.comBlogger4125tag:blogger.com,1999:blog-9095199769828185336.post-5545418596560866422008-11-28T22:17:00.000+00:002008-11-28T22:17:00.000+00:00Ah, i see 'where you are coming from' now.Good poi...Ah, i see 'where you are coming from' now.<BR/>Good points, thanks.Ruud Steltenpoolhttps://www.blogger.com/profile/06049882271100102394noreply@blogger.comtag:blogger.com,1999:blog-9095199769828185336.post-61301302302451802722008-11-26T18:23:00.000+00:002008-11-26T18:23:00.000+00:00Thanks for the link - didn't know that resourc...Thanks for the link - didn't know that resource.<BR/><BR/>I agree but this article is more or less meant to point out the risks when working with SVG for developers. Since many webdevs know surprisingly few things about XML, namespacing and the browsers capabilities and also consider SVGs to be kind of regular images I found it important to drag some things together.<BR/><BR/>Especially the inline SVG stuff can - in certain scenarios - easily be used as entry point for an attack. Most XSS filters for example do not check incoming data for tags formed like <namespace:tagname>.<BR/><BR/>Also I do have trouble in believing that the more a component is being the more secure it is :)<BR/><BR/>Cheers!<malicious></markup>https://www.blogger.com/profile/09307330030699407775noreply@blogger.comtag:blogger.com,1999:blog-9095199769828185336.post-29301817827004083532008-11-26T17:00:00.000+00:002008-11-26T17:00:00.000+00:00On the security aspect the SVG standard is nothing...On the security aspect the SVG standard is nothing different than (X)HTML.<BR/>The implementations of SVG often re-use well-tested parts built for (X)HTML, so i don't suspect much difference in practice either.<BR/><BR/>Loads of SVG links via http://svg.startpagina.nlRuud Steltenpoolhttps://www.blogger.com/profile/06049882271100102394noreply@blogger.comtag:blogger.com,1999:blog-9095199769828185336.post-58057027455902281662008-11-13T18:07:00.000+00:002008-11-13T18:07:00.000+00:00Great job, I wonder how fast Windows will react.Ke...Great job, I wonder how fast Windows will react.<BR/>Keep on your great work<BR/>Greetings from NY<BR/>JAnonymousnoreply@blogger.com