-
-
Notifications
You must be signed in to change notification settings - Fork 1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(plugin): SVGEmbed #2432
base: dev
Are you sure you want to change the base?
feat(plugin): SVGEmbed #2432
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
honestly looks good but i'm still scared about potential XSS D:
have u tested this with some sussy svgs to make sure they are properly handled?
I've tested it against a random SVG to which I've manually appended |
3a25da5
to
05a4044
Compare
c50208b
to
d8524b0
Compare
This plugin makes SVG files embed like normal images. It supports svg files uploaded directly to Discord, as well as svg files linked via a
discord.com
orcdn.discordapp.com
url.It patches the existing image embed logic to recognize
.svg
files as valid images and have them embed the same way (i.e. viaimg src
attribute), so there should be no XSS incidents.