This project is not covered by Drupal’s security advisory policy.
Introduction
The SVG Upload Sanitizer module provides a simple way to sanitize
uploaded svg.
Every uploaded svg is automatically sanitize.
To sanitize SVG this module rest upon the darylldoyle/svg-sanitizer package.
Requirements
The module requires the following package:
Installation
Install as you would normally install a contributed Drupal module. See: Installing Modules for further information.
Configuration
This module has no opinion regarding the configuration of the darylldoyle/svg-sanitizer package.
The default behavior of darylldoyle/svg-sanitizer is used.
With the current implementation it should already be possible to configure darylldoyle/svg-sanitizer just by decorating the service. For instance to remove references to remote files you just have to call the method provided by darylldoyle/svg-sanitizer like:
# mymodule.services.yml
services:
mymodule.sanitizer.svg:
decorates: svg_upload_sanitizer.sanitizer.svg
class: enshrined\svgSanitize\Sanitizer
calls:
- [removeRemoteReferences, [TRUE]]
Similar modules
- SVG Sanitizer: It sanitizes the file using a field formatter.
How to contribute
Issues and Merge requests has to be done on https://gitlab.com/beram-drupal/svg-upload-sanitizer
Maintainers
Project information
- Project categories: Media, Security
278 sites report using this module- Created by beram on , updated
This project is not covered by the security advisory policy.
Use at your own risk! It may have publicly disclosed vulnerabilities.
Releases
8.x-2.1
released 28 August 2025
Works with Drupal: ^10 || ^11
See https://github.com/advisories/GHSA-22wq-q86m-83fh
Install:
Development version: 8.x-2.x-dev updated 28 Aug 2025 at 07:17 UTC
8.x-1.4
released 20 March 2023
Works with Drupal: ^9 || ^10
Install:
Development version: 8.x-1.x-dev updated 5 Jun 2024 at 07:41 UTC
