On Wed, Jun 11, 2025 at 10:30 AM Rob Sayre <say...@gmail.com> wrote:
> I did notice SVG2 (Editor's Draft 08 March 2023) has a nice summary of > what I think we want in its "Processing Modes" section: > > <https://svgwg.org/svg2-draft/conform.html#secure-static-mode> > > That doesn't use the W3C URI-heavy style that 1.1 did. Since we're having > trouble getting clarity here, a bullet list like that might help. > I broke my rule of trying to provide text in cases like this, instead of just commenting, but I am not attached to the text. "At a minimum, the RPC will limit SVG features as described in "Secure Static Mode" [SVG2-STATIC]. * script execution: no * external references: no * declarative animation: no * interactivity: no Additionally, [... other existing points] [SVG2-STATIC] <https://www.w3.org/TR/2018/CR-SVG2-20181004/conform.html#secure-static-mode >" That way, our requirements are tied to SVG itself, which I think is pretty clear. thanks, Rob
-- rswg mailing list -- rswg@rfc-editor.org To unsubscribe send an email to rswg-le...@rfc-editor.org
