Download the PHP package darylldoyle/safe-svg without Composer
On this page you can find all versions of the php package darylldoyle/safe-svg. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download darylldoyle/safe-svg
More information about darylldoyle/safe-svg
Files in darylldoyle/safe-svg
Package safe-svg
Short Description Enable SVG uploads and sanitize them to stop XML/SVG vulnerabilities in your WordPress website
License GPL-2.0-or-later
Homepage https://github.com/10up/safe-svg
FAQ
Example:
In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
- Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
- To use Composer is sometimes complicated. Especially for beginners.
- Composer needs much resources. Sometimes they are not available on a simple webspace.
- If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
- Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Informations about the package safe-svg
Safe SVG
Enable SVG uploads and sanitize them to stop XML/SVG vulnerabilities in your WordPress website.
Overview
Safe SVG is the best way to Allow SVG Uploads in WordPress!
It gives you the ability to allow SVG uploads whilst making sure that they're sanitized to stop SVG/XML vulnerabilities affecting your site. It also gives you the ability to preview your uploaded SVGs in the media library in all views.
Current Features
- Sanitised SVGs - Don't open up security holes in your WordPress site by allowing uploads of unsanitised files.
- SVGO Optimisation - Runs your SVGs through the SVGO tool on upload to save you space. This feature is disabled by default but can be enabled by adding the following code:
add_filter( 'safe_svg_optimizer_enabled', '__return_true' ); - View SVGs in the Media Library - Gone are the days of guessing which SVG is the correct one, we'll enable SVG previews in the WordPress media library.
- Choose Who Can Upload - Restrict SVG uploads to certain users on your WordPress site or allow anyone to upload.
Initially a proof of concept for #24251.
SVG Sanitization is done through the following library: https://github.com/darylldoyle/svg-sanitizer.
SVG Optimization is done through the following library: https://github.com/svg/svgo.
Requirements
- PHP 7.4+
- WordPress 5.7+
Installation
Install through the WordPress directory or download, unzip and upload the files to your /wp-content/plugins/ directory.
Frequently Asked Questions
Can we change the allowed attributes and tags?
Yes, this can be done using the svg_allowed_attributes and svg_allowed_tags filters.
They take one argument that must be returned. See below for examples:
Support Level
Stable: 10up is not planning to develop any new features for this, but will still respond to bug reports and security concerns. We welcome PRs, but any that include new features should be small and easy to integrate and should not include breaking changes. We otherwise intend to keep this tested up to the most recent version of WordPress.
Changelog
A complete listing of all notable changes to Safe SVG are documented in CHANGELOG.md.
Contributing
Please read CODE_OF_CONDUCT.md for details on our code of conduct, CONTRIBUTING.md for details on the process for submitting pull requests to us, and CREDITS.md for a listing of maintainers of, contributors to, and libraries used by Safe SVG.
Like what you see?
