Tag: uploads

Security, Tutorials

The hard problem of sanitizing user-uploaded SVGs (and why most libraries get it wrong)

The Scratch team’s blog post on SVG sanitization (linked from Hacker News this week) is one of those technical write-ups that really should be required reading for anyone who lets users upload images to a web app. The author’s account …