Weave Code
Code Weaver
Helps Laravel developers discover, compare, and choose open-source packages. See popularity, security, maintainers, and scores at a glance to make better decisions.
Feedback
Share your thoughts, report bugs, or suggest improvements.
Subject
Message
Log in Register
Home
Packages
Svg Sanitize
Assessments

Svg Sanitize Laravel Package

enshrined/svg-sanitize

PHP SVG/XML sanitizer inspired by DOMPurify. Clean untrusted SVGs with a simple sanitize() call, optional custom tag/attribute whitelists, remote reference stripping to prevent leaks, issue reporting, and output minification. Returns clean XML or false on parse errors.

View on GitHub
Deep Wiki
Context7

Product Decisions This Supports

  • Secure handling of user-uploaded SVGs to prevent XSS vulnerabilities, critical for platforms with public upload features
  • Build vs Buy: Leveraging a mature, community-tested solution (used in WordPress, Drupal, TYPO3) instead of building in-house reduces development time and security risks
  • Roadmap alignment: Supports compliance with OWASP security standards, essential for enterprise clients requiring strict data protection
  • Use cases: CMS platforms (WordPress via Safe SVG plugin), SaaS applications with SVG asset uploads, and any PHP-based system requiring SVG sanitization for security

When to Consider This Package

  • Adopt when your PHP application processes user-submitted SVGs and requires robust XSS prevention without custom security logic
  • When leveraging existing enterprise-grade solutions (e.g., WordPress, TYPO3 integrations) provides confidence in reliability
  • Look elsewhere if: your stack is non-PHP, you need advanced SVG manipulation beyond sanitization (e.g., rendering, editing), or your organization requires a permissive license (GPL-2.0 may not suit proprietary software)

How to Pitch It (Stakeholders)

  • Executives: "This package eliminates SVG-based XSS risks that could lead to data breaches, saving potential millions in incident costs. It's battle-tested in
Weaver

How can I help you explore Laravel packages today?

Conversation history is not saved when not logged in.
Prompt
Add packages to context
No packages found.
davejamesmiller/laravel-breadcrumbs
artisanry/parsedown
christhompsontldr/phpsdk
enqueue/dsn
bunny/bunny
enqueue/test
enqueue/null
enqueue/amqp-tools
milesj/emojibase
bower-asset/punycode
bower-asset/inputmask
bower-asset/jquery
bower-asset/yii2-pjax
laravel/nova
spatie/laravel-mailcoach
spatie/laravel-superseeder
laravel/liferaft
nst/json-test-suite
danielmiessler/sec-lists
jackalope/jackalope-transport