Based on a diff-review only, if the URI-string encoding is acceptable, then it should pass. But I just want to make sure that the other things have had a thorough going-over from a security perspective, just in case...<div>
<br></div><div>Chip<br><br><div class="gmail_quote">On Tue, Nov 16, 2010 at 10:46 AM, Otto <span dir="ltr"><<a href="mailto:otto@ottodestruct.com">otto@ottodestruct.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
There may be other reasons to disapprove the theme, I was only<br>
referring to the use of data URI's.<br>
<font color="#888888"><br>
-Otto<br>
</font><div><div></div><div class="h5"><br>
<br>
<br>
On Tue, Nov 16, 2010 at 10:34 AM, Chip Bennett <<a href="mailto:chip@chipbennett.net">chip@chipbennett.net</a>> wrote:<br>
> Okay, then. Good enough for me!<br>
> I'll approve the ticket. But, I'd like someone with more PHP/security<br>
> expertise than I have to take a look at what this Theme is doing in admin/<br>
> with overwriting files and changing permissions and whatnot, just to make<br>
> sure there aren't any issues. I *think* everything is okay, but following<br>
> all of that is still a bit above my pay grade.<br>
> Chip<br>
><br>
> On Tue, Nov 16, 2010 at 10:28 AM, Otto <<a href="mailto:otto@ottodestruct.com">otto@ottodestruct.com</a>> wrote:<br>
>><br>
>> On Tue, Nov 16, 2010 at 10:24 AM, Chip Bennett <<a href="mailto:chip@chipbennett.net">chip@chipbennett.net</a>><br>
>> wrote:<br>
>> > So, essentially, the image itself is embedded in the CSS file?<br>
>> > I'm still uneasy about it, but that could be due to lack of<br>
>> > understanding.<br>
>> > And I still question whether it's actually necessary.<br>
>><br>
>> Could he put the image file in a separate file and then make an http<br>
>> link to it there instead? Sure.<br>
>> Is including the data inline like this faster? Yes, it's much, much<br>
>> faster.<br>
>><br>
>> For small images (these are 1x1 pixel PNG images), this is WAY faster<br>
>> than including the image separately URL and incurring the overhead of<br>
>> an extra HTTP request.<br>
>><br>
>> Necessary? No.<br>
>> Understandable and faster and better and safe and actually the correct<br>
>> way to do it? Yes.<br>
>><br>
>> I give this a total thumbs up and an "okay". There's nothing wrong<br>
>> here of any sort.<br>
>><br>
>> -Otto<br>
>> _______________________________________________<br>
>> theme-reviewers mailing list<br>
>> <a href="mailto:theme-reviewers@lists.wordpress.org">theme-reviewers@lists.wordpress.org</a><br>
>> <a href="http://lists.wordpress.org/mailman/listinfo/theme-reviewers" target="_blank">http://lists.wordpress.org/mailman/listinfo/theme-reviewers</a><br>
><br>
><br>
> _______________________________________________<br>
> theme-reviewers mailing list<br>
> <a href="mailto:theme-reviewers@lists.wordpress.org">theme-reviewers@lists.wordpress.org</a><br>
> <a href="http://lists.wordpress.org/mailman/listinfo/theme-reviewers" target="_blank">http://lists.wordpress.org/mailman/listinfo/theme-reviewers</a><br>
><br>
><br>
_______________________________________________<br>
theme-reviewers mailing list<br>
<a href="mailto:theme-reviewers@lists.wordpress.org">theme-reviewers@lists.wordpress.org</a><br>
<a href="http://lists.wordpress.org/mailman/listinfo/theme-reviewers" target="_blank">http://lists.wordpress.org/mailman/listinfo/theme-reviewers</a><br>
</div></div></blockquote></div><br></div>