帮助:安全/SVG文件

注意：當您編輯本頁面時，即同意以CC0協議授權您的貢獻。您可以在公有領域帮助页面找到更多信息。

The SVG file format has certain security and privacy issues that you might want to consider before opening such files. SVG files can include complex interactive features which might trigger the browser to connect to the Internet and reveal the IP address and other personal information of the user to a third party.

A malicious SVG author might use this functionality to connect network locations to wiki usernames or otherwise violate the privacy of the reader. SVG has a complex internal structure which makes it practically impossible to detect dangerous files; it is left to the privacy-conscious reader to take precautions.

• SVG — Exploiting Browsers without Image Parsing Bugs, Rennie deGraaf of iSEC Partners, 07 August 2014
• Mario Heiderich: The forbidden image - Security impact of SVG on the WWW, Hack In Paris 2011