‪TYPO3CMS  10.4
SvgSanitizer.php
Go to the documentation of this file.
1 <?php
2 
3 declare(strict_types=1);
4 
5 /*
6  * This file is part of the TYPO3 CMS project.
7  *
8  * It is free software; you can redistribute it and/or modify it under
9  * the terms of the GNU General Public License, either version 2
10  * of the License, or any later version.
11  *
12  * For the full copyright and license information, please read the
13  * LICENSE.txt file that was distributed with this source code.
14  *
15  * The TYPO3 project - inspiring people to share!
16  */
17 
18 namespace ‪TYPO3\CMS\Core\Resource\Security;
19 
20 use enshrined\svgSanitize\Sanitizer;
21 
22 class ‪SvgSanitizer
23 {
29  public function ‪sanitizeFile(string $sourcePath, string $targetPath = null): void
30  {
31  if ($targetPath === null) {
32  $targetPath = $sourcePath;
33  }
34  $svg = file_get_contents($sourcePath);
35  if (!is_string($svg)) {
36  return;
37  }
38  $sanitizedSvg = $this->‪sanitizeContent($svg);
39  if ($sanitizedSvg !== $svg) {
40  file_put_contents($targetPath, $sanitizedSvg);
41  }
42  }
43 
50  public function ‪sanitizeContent(string $svg): string
51  {
52  $sanitizer = new Sanitizer();
53  $sanitizer->removeRemoteReferences(true);
54  return $sanitizer->sanitize($svg) ?: '';
55  }
56 }
‪TYPO3\CMS\Core\Resource\Security
Definition: FileMetadataPermissionsAspect.php:16
‪TYPO3\CMS\Core\Resource\Security\SvgSanitizer
Definition: SvgSanitizer.php:23
‪TYPO3\CMS\Core\Resource\Security\SvgSanitizer\sanitizeContent
‪string sanitizeContent(string $svg)
Definition: SvgSanitizer.php:50
‪TYPO3\CMS\Core\Resource\Security\SvgSanitizer\sanitizeFile
‪sanitizeFile(string $sourcePath, string $targetPath=null)
Definition: SvgSanitizer.php:29