66093b8
Do not serve svg inline SVG can contain javascript, so that's a easy vector for XSS on pagure. Fix CVE-2018-1002155 Signed-off-by: Michael Scherer <misc@redhat.com>