scour icon indicating copy to clipboard operation
scour copied to clipboard

Published 20 hours ago verified publisher icon scour-project

Improve the project's README

Open oberstet opened this issue 9 years ago • 4 comments

IMO, scour really deserves a better README. both visually, and content wise, as the first user experience / contact with scour will either be

  • https://github.com/codedread/scour/blob/master/README.md or
  • https://pypi.python.org/pypi/scour

oberstet avatar Dec 10 '15 22:12 oberstet

SVG files are XML and might have payloads that potentially cause security issues. Does Scour sanitize away potential code injections like e.g. http://svg.enshrined.co.uk/ does?

If so, this could be mentioned in the project README.

ottok avatar Jun 06 '20 17:06 ottok

not sure;)

potential code injections

can you describe those?

are there test cases here

https://github.com/darylldoyle/svg-sanitizer/tree/master/tests/data

?

if so, we could just see (run scour) and possibly add those here. we have automated tests https://travis-ci.org/github/scour-project/scour as well ..

oberstet avatar Jun 06 '20 18:06 oberstet

Ok, so I guess you have not developed Scour with security sanitization in mind. I'll open a new issue about it in #254.

ottok avatar Jun 06 '20 20:06 ottok

@oberstet : There is also an explantation of the optional scourattributes.

Maybe you should list what should be improve. -What's the advantages of scour -What's the options of scour -How to use it (including examples) -adding benchmarks as https://github.com/RazrFalcon/svgcleaner/#charts -How to install -Why you should be careful and not overwrite originals -....

JoKalliauer avatar Sep 06 '20 11:09 JoKalliauer