forked from GNUsocial/gnu-social
406b6148f5
We should actually not allow remote images to be given in the src attribute because they can be used for tracking and other nasty stuff without being seen by the enduser. Also, allowing remote images linked like this won't work for users who run plugins like RequestPolicy etc. anyway. A better method would be to make them listed as attachments instead. Then we can use that subsystem for making thumbnails to store locally, hotlinking sources and whatnot. |
||
---|---|---|
.. | ||
display.css | ||
rtl.css | ||
uap.css |