← Back to team overview

ubuntu-appstore-developers team mailing list archive

Re: Minimizing icon and screenshot transfer size

 

On Wed, Apr 23, 2014 at 12:05 PM, Łukasz Czyżykowski <
lukasz.czyzykowski@xxxxxxxxxxxxx> wrote:

> Because of security risk devportal currently allows uploading of SVG
> icons, but renders them on the server and only saves resulting PNG, which
> is later served to clients.
>
> ​Cheers​
>

​Would not serving the SVGs from a different domain mitigate this?​ In that
case, if JS did go through our filters, the JS would not have access to
cookies, DOM, etc in devportal.

References