Safe SVG

Description

Safe SVG is the best way to Allow SVG Uploads in WordPress!

It gives you the ability to allow SVG uploads whilst making sure that they’re sanitized to stop SVG/XML vulnerabilities affecting your site. It also gives you the ability to preview your uploaded SVGs in the media library in all views.

Current Features

  • Sanitised SVGs – Don’t open up security holes in your WordPress site by allowing uploads of unsanitised files.
  • SVGO Optimisation – Runs your SVGs through the SVGO tool on upload to save you space. This feature is disabled by default but can be enabled by adding the following code: add_filter( 'safe_svg_optimizer_enabled', '__return_true' );
  • View SVGs in the Media Library – Gone are the days of guessing which SVG is the correct one, we’ll enable SVG previews in the WordPress media library.
  • Choose Who Can Upload – Restrict SVG uploads to certain users on your WordPress site or allow anyone to upload.

Initially a proof of concept for #24251.

SVG Sanitization is done through the following library: https://github.com/darylldoyle/svg-sanitizer.

SVG Optimization is done through the following library: https://github.com/svg/svgo.

Blocks

This plugin provides 1 block.

  • Safe SVG Display the SVG icon

Installation

Install through the WordPress directory or download, unzip and upload the files to your /wp-content/plugins/ directory

FAQ

Can we change the allowed attributes and tags?

Yes, this can be done using the svg_allowed_attributes and svg_allowed_tags filters.
They take one argument that must be returned. See below for examples:

add_filter( 'svg_allowed_attributes', function ( $attributes ) {

    // Do what you want here...

    // This should return an array so add your attributes to
    // to the $attributes array before returning it. E.G.

    $attributes[] = 'target'; // This would allow the target="" attribute.

    return $attributes;
} );


add_filter( 'svg_allowed_tags', function ( $tags ) {

    // Do what you want here...

    // This should return an array so add your tags to
    // to the $tags array before returning it. E.G.

    $tags[] = 'use'; // This would allow the <use> element.

    return $tags;
} );

Reviews

10 January 2024 5 replies
Hello everyone,the Plugin does not work for me, I refreshed, logged in and out, checked several different svg files but the uploading is still not possible.After having read so many positive reviews I think I am an exception. Thanks for any advice!
16 August 2023 1 reply
I don't understand why this isn't in core wordpress. Plugin integrates flawlessly into the website and causes no issues.
30 November 2022 1 reply
Great little plugin that does exactly what it says. And does it easily. (Still not sure why SVGs are not supported natively but that's another discussion) Thank you, job well done!
Read all 70 reviews

Contributors and Developers

“Safe SVG” is open source software. The following people have contributed to this plugin.

Contributors

“Safe SVG” has been translated into 21 locales. Thank you to the translators for their contributions.

Translate “Safe SVG” into your language.

Interested in development?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.

Change Log

2.2.2 – 2023-11-21

2.2.1 – 2023-10-23

2.2.0 – 2023-08-21

2.1.1 – 2023-04-05

2.1.0 – 2023-03-22

Earlier versions

For the changelog of earlier versions, please refer to the changelog on github.com.