On further researching the three possible tags (embed, object and iframe) it appears that only iframe was specifically intended to be secure and I'm guessing that it isn't considered safe enough for a wiki with public access?
To be able to add svg illustrations to fossil wiki docs these are the remaining options: 1. Use the full html option which means losing wiki bullets, lists and paragraphing. 2. Export the svg graphics to png files which is a PITA 3. Add a build or runtime configurable option to fossil that allows certain risky tags. Any other suggestions? On Mon, Aug 29, 2011 at 4:03 PM, Matt Welland <[email protected]> wrote: > The following when loaded directly by firefox showed the LaTeX_logo.svg but > when accessed as > http://localhost:8081/doc/ckout/www/AnotherExample.wiki none of the embed, > object or iframe tags were recognized. > > % cat AnotherExample.wiki > <h2>AnotherExample</h2> > <embed src="./LaTeX_logo.svg" type="image/svg+xml" /> > <object data="./LaTeX_logo.svg" type="image/svg+xml"></object> > <iframe src="./LaTeX_logo.svg"></iframe> > <h2>This is to test that HTML is working</h2> > > Could one of these be safely added to the allowed html? > > Matt > -=- >
_______________________________________________ fossil-users mailing list [email protected] http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
![Re: [fossil-users] .svg files in .wiki, could one of embed, object or iframe be safely added to the allowed html in .wiki files?](/search?l=fossil-users@lists.fossil-scm.org&q=subject:%22Re%5C%3A+%5C%5Bfossil%5C-users%5C%5D+.svg+files+in+.wiki%2C+could+one+of+embed%2C+object+or+iframe+be+safely+added+to+the+allowed+html+in+.wiki+files%5C%3F%22&o=newest){kind=link}
