I would like to upload a svg figure to illustrate this tip (this figure would also appear here).

Unfortunately, Github shows raw code instead of the image.

Available in a git repository branch.
Branch: spalax/paternal/upload-svg
Author: Louis


Unfortunately SVG can contain embedded JavaScript, so anyone who can upload arbitrary SVG to this wiki can execute JavaScript in its security context, leading to stealing login cookies and other badness. GitHub won't display arbitrary user-supplied SVG for the same reasons.

I've seen various attempts to sanitize SVG via a whitelist, but it's just too large a specification to be confident that you're right, IMO.

This particular SVG looks good to me and I've mirrored it in my own git repo. --smcv

merged --smcv