We apologize for the instability of composr.app and appreciate your patience. We are working on the statistics addon and trying to find an optimal way to store and render data. Unfortunately, we have yet to find a solution that can handle the traffic (and therefore, tens of millions of statistical records) of composr.app. We're working hard on one.
#5322 - SVG embeds broken
This is a spacer post for a website comment topic. The content this topic relates to: #5322 - SVG embeds broken
There is no secure way to fix this. The ideal solution is to only allow src-defined SVG files (but from any domain). But this cannot be achieved in CSP's object-src.
As such, this will not be fixed. However, more context was given in the "allow plugins" option for CSP configuration explicitly stating SVG attachments will not render if disabled.
As such, this will not be fixed. However, more context was given in the "allow plugins" option for CSP configuration explicitly stating SVG attachments will not render if disabled.