-
Federico Mena Quintero authored
This function gets called directly from the public API, and a calling application should not be allowed to lookup an element with a name like "some-random-file#element_id", that is, the app should not be able to cause files to be read if they are not within the set of resources that the SVG actually references. The test is robust (only fragment IDs without a URL are allowed), but will inadvertently print a g_warning if someone runs rsvg-convert like rsvg-convert -i 'foo#bar' -o x.png x.svg We may be able to get rid of that g_warning once the public API is implemented in Rust, so it can have access to the URL parsing machinery.
3559b3e6