[felineflock]

"SVG Considered Harmful"

https://www.cloudflare.com/cloudforce-one/research/svgs-the-...

[tomalbrc]

First off, what kind of SVG reader does cloudflare assume to just open SVGs and Willy nilly run contained js? Is that a windows os feature? Second, do they not know about Content Security Policies?

And as a side note: Cloudflare itself is considered harmful

[perilunar]

"Since SVGs are essentially code, they can embed JavaScript"

Odd thing to say. Everything on a computer is "essentially code", executable or not.