It would be useful to allow the Data URI scheme for encoded images. We're working on a feature to embed images in the content to make them easier to share and it's blocking them because such a pattern isn't defined.
data: src has some security issues with certain tags, but no known issues for img tags, and with a regex limited to "data:image" I can't find any security issues at all.
It would be useful to allow the Data URI scheme for encoded images. We're working on a feature to embed images in the content to make them easier to share and it's blocking them because such a pattern isn't defined.
https://en.wikipedia.org/wiki/Data_URI_scheme
data: src has some security issues with certain tags, but no known issues for img tags, and with a regex limited to "data:image" I can't find any security issues at all.
http://stackoverflow.com/questions/11228771/are-data-uris-on-imgs-xss-exploitable