Download the PHP package t3g/svg-sanitize-elts7 without Composer

On this page you can find all versions of the php package t3g/svg-sanitize-elts7. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:
If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

  • Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
  • To use Composer is sometimes complicated. Especially for beginners.
  • Composer needs much resources. Sometimes they are not available on a simple webspace.
  • If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
  • Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Please rate this library. Is it a good library?

Informations about the package svg-sanitize-elts7

svg-sanitizer

:warning: This is an interim package for TYPO3 CMS 7.6 ELTS only, providing changes to be compatible with PHP 5.5! As soon support for TYPO3 CMS 7.6 ETLS is dropped, this package will be abandoned as well. Using this package in any other scope is not and will not be supported.

Installation

Either require t3g/svg-sanitize-elts7 through composer or download the repo and include the old way!

Usage

Using this is fairly easy. Create a new instance of enshrined\svgSanitize\Sanitizer and then call the sanitize whilst passing in your dirty SVG/XML

Basic Example

Output

This will either return a sanitized SVG/XML string or boolean false if XML parsing failed (usually due to a badly formatted file).

Options

You may pass your own whitelist of tags and attributes by using the Sanitizer::setAllowedTags and Sanitizer::setAllowedAttrs methods respectively.

These methods require that you implement the enshrined\svgSanitize\data\TagInterface or enshrined\svgSanitize\data\AttributeInterface.

Remove remote references

You have the option to remove attributes that reference remote files, this will stop HTTP leaks but will add an overhead to the sanitizer.

This defaults to false, set to true to remove references.

$sanitizer->removeRemoteReferences(true);

Viewing Sanitization Issues

You may use the getXmlIssues() method to return an array of issues that occurred during sanitization.

This may be useful for logging or providing feedback to the user on why an SVG was refused.

$issues = $sanitizer->getXmlIssues();

Minification

You can minify the XML output by calling $sanitizer->minify(true);.

Demo

There is a demo available at: http://svg.enshrined.co.uk/

WordPress

I've just released a WordPress plugin containing this code so you can sanitize your WordPress uploads. It's available from the WordPress plugin directory: https://wordpress.org/plugins/safe-svg/

Drupal

Michael Potter has kindly created a Drupal module for this library which is available at: https://www.drupal.org/project/svg_sanitizer

TYPO3

An integration for TYPO3 CMS of this library is available as composer package t3g/svg-sanitizer at https://github.com/TYPO3GmbH/svg_sanitizer

Tests

You can run these by running vendor/bin/phpunit from the base directory of this package.

Standalone scanning of files via CLI

Thanks to the work by gudmdharalds there's now a standalone scanner that can be used via the CLI.

Any errors will be output in JSON format. See the PR for an example.

Use it as follows: php svg-scanner.php ~/svgs/myfile.svg

To-Do

More extensive testing for the SVGs/XML would be lovely, I'll try and add these soon. If you feel like doing it for me, please do and make a PR!


All versions of svg-sanitize-elts7 with dependencies

PHP Build Version
Package Version
Requires php Version ^5.5 || ^7.0
ext-dom Version *
ext-libxml Version *
Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package t3g/svg-sanitize-elts7 contains the following files

Loading the files please wait ....