説明
Safe SVG is the best way to Allow SVG Uploads in WordPress!
It gives you the ability to allow SVG uploads whilst making sure that they’re sanitized to stop SVG/XML vulnerabilities affecting your site.
It also gives you the ability to preview your uploaded SVGs in the media library in all views.
Free Features
- Sanitised SVGs – Don’t open up security holes in your WordPress site by allowing uploads of unsanitised files.
- View SVGs in the Media Library – Gone are the days of guessing which SVG is the correct one, we’ll enable SVG previews in the WordPress media library.
Pro Features
- SVGO Optimisation – You’ll have the option to run your SVGs through our SVGO server on upload to save you space.
- Choose Who Can Upload – Restrict SVG uploads to certain users on your WordPress site or allow anyone to upload.
- Premium Support – Pro users get premium support whilst free support is offered in the WordPress forums in our spare time
Initially a proof of concept for #24251
SVG Sanitization is done through the following library: https://github.com/darylldoyle/svg-sanitizer
インストール
Install through the WordPress directory or download, unzip and upload the files to your /wp-content/plugins/ directory
FAQ
-
Can we change the allowed attributes and tags?
-
Yes, this can be done using the
svg_allowed_attributesandsvg_allowed_tagsfilters.
They take one argument that must be returned. See below for examples:add_filter( 'svg_allowed_attributes', function ( $attributes ) { // Do what you want here... // This should return an array so add your attributes to // to the $attributes array before returning it. E.G. $attributes[] = 'target'; // This would allow the target="" attribute. return $attributes; } ); add_filter( 'svg_allowed_tags', function ( $tags ) { // Do what you want here... // This should return an array so add your tags to // to the $tags array before returning it. E.G. $tags[] = 'use'; // This would allow the <use> element. return $tags; } );
評価
2020年9月21日
Very happy to find this plugin. I've found it works out of the box and helps add nice logos to my website. Thank you!
2020年9月12日
I heard about this plugin from a top WordPress tips website, only to find WordPress warning me that it might be unsafe due to being untested on WordPress 5.5. Please update for WordPress 5.5!
2020年6月4日
I struggled modifying my PNGs in order not to lose pixelation, to no avail, until I discovered this plugin. Now all my graphics are SVGs and there's no turning back!
One little feature request though: make the image size appear in the media library list screen, as other images format do.
2020年6月3日
This is the plugin that I have been waiting for. Adding SVG implementation in easy way with full support of Gallery thumbnails. Plugin is doing the rest in securing SVG/XML code to avoid exploits. Great.
No issues when working with cache plugins like W3 Total Cache and CloudFlare.
2020年5月27日
Simple and effective.
2020年3月5日
I was able to use an svg as a menu image for the site header using this in combination with the plugin "Menu Image" - without this plugin I couldn't do it.
貢献者と開発者
変更履歴
1.9.9
- Fixed issue where 100% width is accidentally converted to 100px width. Props @joehoyle
1.9.8
- Underlying library update
1.9.7
- Underlying library update
1.9.6
- Underlying library update that fixes a security issue
1.9.5
- Underlying library update that fixes some security issues
1.9.4
- Fixed a bug causing lots of error log output to do with
safe_svg::fix_direct_image_output()
1.9.3
- Fixed a bug causing 0 height and width SVGs
1.9.2
- Fixed a warning about an Illegal string offset
- Fixed an issue if something other than a WP_Post object is passed in via the
wp_get_attachment_image_attributesfilter.
1.9.1
- Fixed a warning that was being generated by a change made in 1.9.0.
1.9.0
- If an image is the correct ratio, allow skipping of the crop popup when setting header/logo images with SVGs.
1.8.1
- Don’t let errors break upload if uploading an empty file
- Fix featured image display in Gutenberg. Props @hendridm 🙂
1.8.0
- Pull SVG dimensions from the width/height or viewbox attributes of the SVG.
- Add the role=”img” attribute to SVGs
1.7.1
- Updated underlying lib and added new filters for filtering allowed tags and attributes
1.6.1
- Images will now use the size chosen when inserted into the page rather than default to 2000px everytime.
1.6.0
- Fairly big new feature – The library now allows
<use>elements as long as they don’t reference external files! - You can now also embed safe image types within the SVG and not have them stripped (PNG, GIF, JPG)
1.5.3
- 1.5.2 introduced an issue that can freeze the media library. This fixes that issue. Sorry!
1.5.2
- Tested with 4.9.0
- Fixed an issue with SVGs when regenerating media
1.5.1
- Fix PHP strict standards warning
1.5.0
- Library update
- role, aria- and data- attributes are now whitelisted to improve accessibility
1.4.5
- Fixes some issues with defining the size of an SVG.
- Library update
1.4.4
- SVGs now display as featured images in the admin area
1.4.3
- WordPress 4.7.3 Compatibility
- Expanded SVG previews in media library
1.4.2
- Added a check / fix for when mb_* functions are not available
1.4.1
- Updated underlying library to allow attributes/tags in all case variations
1.4.0
- Added ability to preview SVG on both grid and list view in the wp-admin media area
- Updated underlying library version
1.3.4
- A fix for SVGZ uploads failing and not sanitising correctly
1.3.3
- Allow SVGZ uploads
1.3.2
- Fix for the mime type issue in 4.7.1. Mad props to @lewiscowles
1.3.1
- Updated underlying library version
1.3.0
- Minify SVGs after cleaning so they can be loaded correctly through file_get_contents
1.2.0
- Added support for camel case attributes such as viewBox
1.1.1
- Fixed an issue with empty svg elements self-closing
1.1.0
- Added i18n
- Added da, de ,en, es, fr, nl and ru translations
- Fixed an issue with filename not being pulled over on failed uploads
1.0.0
- 最初のリリース