Class SVGSanitizer
simplified/compact version of svg-sanitizer - https://github.com/darylldoyle/svg-sanitizer by Daryll Doyle
- Full name:
\SVGSanitizer
| Constant | Visibility | Type | Value |
|---|---|---|---|
SCRIPT_REGEX |
public | '/(?:\w+script |
protected \DOMDocument $xmlDocumentprotected array $allowedTagsprotected array $allowedAttrsprotected $xmlLoaderValueprotected bool $minifyXMLprotected bool $removeRemoteReferencesprotected bool $removeXMLTagprotected int $xmlOptionsSVGSanitizer::clean('<svg ...>')
public static clean(mixed $svgText): mixed- This method is static.
Parameters:
| Parameter | Type | Description |
|---|---|---|
$svgText |
mixed |
public __construct(): mixedSet up the DOMDocument
protected resetInternal(): mixedSet XML options to use when saving XML See: DOMDocument::saveXML
public setXMLOptions(int $xmlOptions): mixedParameters:
| Parameter | Type | Description |
|---|---|---|
$xmlOptions |
int |
Get XML options to use when saving XML See: DOMDocument::saveXML
public getXMLOptions(): intGet the array of allowed tags
public getAllowedTags(): arraySet custom allowed tags
public setAllowedTags(array $allowedTags): mixedParameters:
| Parameter | Type | Description |
|---|---|---|
$allowedTags |
array |
Get the array of allowed attributes
public getAllowedAttrs(): arraySet custom allowed attributes
public setAllowedAttrs(array $allowedAttrs): mixedParameters:
| Parameter | Type | Description |
|---|---|---|
$allowedAttrs |
array |
Should we remove references to remote files?
public removeRemoteReferences(bool $removeRemoteRefs = false): mixedParameters:
| Parameter | Type | Description |
|---|---|---|
$removeRemoteRefs |
bool |
Sanitize the passed string
public sanitize(string $dirty): stringParameters:
| Parameter | Type | Description |
|---|---|---|
$dirty |
string |
Set up libXML before we start
protected setUpBefore(): mixedReset the class after use
protected resetAfter(): mixedRemove the XML Doctype It may be caught later on output but that seems to be buggy, so we need to make sure it's gone
protected removeDoctype(): mixedStart the cleaning with tags, then we move onto attributes and hrefs later
protected startClean(\DOMNodeList $elements): mixedParameters:
| Parameter | Type | Description |
|---|---|---|
$elements |
\DOMNodeList |
Only allow attributes that are on the whitelist
protected cleanAttributesOnWhitelist(\DOMElement $element): mixedParameters:
| Parameter | Type | Description |
|---|---|---|
$element |
\DOMElement |
Clean the xlink:hrefs of script and data embeds
protected cleanXlinkHrefs(\DOMElement $element): mixedParameters:
| Parameter | Type | Description |
|---|---|---|
$element |
\DOMElement |
Clean the hrefs of script and data embeds
protected cleanHrefs(\DOMElement $element): mixedParameters:
| Parameter | Type | Description |
|---|---|---|
$element |
\DOMElement |
Removes non-printable ASCII characters from string & trims it
protected removeNonPrintableCharacters(string $value): boolParameters:
| Parameter | Type | Description |
|---|---|---|
$value |
string |
Does this attribute value have a remote reference?
protected hasRemoteReference( $value): boolParameters:
| Parameter | Type | Description |
|---|---|---|
$value |
**** |
Should we minify the output?
public minify(bool $shouldMinify = false): mixedParameters:
| Parameter | Type | Description |
|---|---|---|
$shouldMinify |
bool |
Should we remove the XML tag in the header?
public removeXMLTag(bool $removeXMLTag = false): mixedParameters:
| Parameter | Type | Description |
|---|---|---|
$removeXMLTag |
bool |
Check to see if an attribute is an aria attribute or not
protected isAriaAttribute( $attributeName): boolParameters:
| Parameter | Type | Description |
|---|---|---|
$attributeName |
**** |
Check to see if an attribute is an data attribute or not
protected isDataAttribute( $attributeName): boolParameters:
| Parameter | Type | Description |
|---|---|---|
$attributeName |
**** |
Make sure our use tag is only referencing internal resources
protected isUseTagDirty(\DOMElement $element): boolParameters:
| Parameter | Type | Description |
|---|---|---|
$element |
\DOMElement |