
GitHub raw endpoints do it. They will either serve the SVG without an image/svg+xml Content-Type, making it not render in the browser, or you have to append ?sanitize=true to the URL which will, as the name suggests, sanitize it.


OK, but that is GitHub... parent poster stated it's common to do that... it is not.


It's web security 101 for handling user uploads (although in the case of SVG most sites solve it by just not accepting "weird" formats like SVG).
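The two approaches mentioned in the thread (refusing SVG at upload time, or storing it but never serving it as `image/svg+xml`) are sketched below as an added example; it is not part of any comment above and not GitHub's implementation. The function names, the raster allowlist and the exact header values are assumptions chosen for illustration.

```python
import os

# Raster formats with no script support, identified by magic bytes, not by file name.
INERT_MAGIC = {
    b"\x89PNG\r\n\x1a\n": "image/png",
    b"\xff\xd8\xff": "image/jpeg",
    b"GIF87a": "image/gif",
    b"GIF89a": "image/gif",
}

def sniff_inert_image(data: bytes):
    """Return the MIME type if data starts with a known raster signature, else None."""
    for magic, mime in INERT_MAGIC.items():
        if data.startswith(magic):
            return mime
    return None

def accept_upload(data: bytes) -> bool:
    """Approach 1: refuse "weird" formats such as SVG outright."""
    return sniff_inert_image(data) is not None

def response_headers(filename: str, data: bytes) -> dict:
    """Approach 2: store anything, but never serve it as an active type."""
    headers = {
        "X-Content-Type-Options": "nosniff",  # browser must not guess a type
        "Content-Security-Policy": "default-src 'none'; sandbox",
    }
    mime = sniff_inert_image(data)
    if mime:
        headers["Content-Type"] = mime
        headers["Content-Disposition"] = "inline"
        return headers
    # SVG, HTML and anything unknown: sent as plain text, so it is never rendered.
    name = os.path.basename(filename)
    safe = "".join(c for c in name if c.isprintable() and c != '"')
    headers["Content-Type"] = "text/plain; charset=utf-8"
    headers["Content-Disposition"] = f'attachment; filename="{safe}"'
    return headers

# Constructed sample inputs, not real uploads.
SVG_SAMPLE = b'<svg xmlns="http://www.w3.org/2000/svg"><script>/* active */</script></svg>'
PNG_SAMPLE = b"\x89PNG\r\n\x1a\n" + b"\x00" * 16

if __name__ == "__main__":
    for fname, blob in (("logo.svg", SVG_SAMPLE), ("photo.png", PNG_SAMPLE)):
        print(fname, accept_upload(blob), response_headers(fname, blob))
```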



