There is a long ongoing discussion about this with the developers at https://core.trac.ww.wp.xz.cn/ticket/24251
This turns out to be moderately difficult to do, because SVG files are not actually “images” in the strictest sense. There are assorted security problems there.
Wooo, that’s a long thread! Thanks for the link, I knew that SVGs were XML but I didn’t realise that they were so contentious.
Presumably the security issues are only applicable to third party SVGs, not those created by yourself.
Mostly, yes. They’re still data files though, and data files can be infected at any point if the system is already compromised.
