Costasdev.SafeSvg
0.3.0
dotnet add package Costasdev.SafeSvg --version 0.3.0
NuGet\Install-Package Costasdev.SafeSvg -Version 0.3.0
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package.
<PackageReference Include="Costasdev.SafeSvg" Version="0.3.0" />
For projects that support PackageReference, copy this XML node into the project file to reference the package.
<PackageVersion Include="Costasdev.SafeSvg" Version="0.3.0" />
<PackageReference Include="Costasdev.SafeSvg" />
For projects that support Central Package Management (CPM), copy this XML node into the solution Directory.Packages.props file to version the package.
paket add Costasdev.SafeSvg --version 0.3.0
The NuGet Team does not provide support for this client. Please contact its maintainers for support.
#r "nuget: Costasdev.SafeSvg, 0.3.0"
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package.
#:package Costasdev.SafeSvg@0.3.0
#:package directive can be used in C# file-based apps starting in .NET 10 preview 4. Copy this into a .cs file before any lines of code to reference the package.
#addin nuget:?package=Costasdev.SafeSvg&version=0.3.0
#tool nuget:?package=Costasdev.SafeSvg&version=0.3.0
The NuGet Team does not provide support for this client. Please contact its maintainers for support.
SafeSVG
A free, libre and open-source tool to sanitise SVG content in .NET applications.
Features
- Removes potentially dangerous elements and attributes from SVG files (like
<script>andonload). - Adds (by default, if missing) the SVG
xmlnsattribute to the root element. - Removes (by default) comments from the SVG content.
- Supports .NET 8 and 9.
Usage
Install the NuGet package:
dotnet add package Costasdev.SafeSvgUse the
SafeSvgclass to sanitise SVG content:using Costasdev.SafeSVG; var svgContent = "<svg><script>alert('XSS');</script></svg>"; var safeSvg = SvgSanitiser.Sanitise(svgContent); Console.WriteLine(safeSvg); // <svg xmlns="http://www.w3.org/2000/svg"></svg>You can also provide custom options:
using Costasdev.SafeSVG; var svgContent = "<svg><script>alert('XSS');</script></svg>"; var options = new SvgSanitiserOptions { AddNamespace = false, // Adds the default SVG namespace (http://www.w3.org/2000/svg) if missing. IndentOutput = true, // Indents the output SVG using XmlTextWriter's Formatting.Indented RemoveComments = true // Removes comments from the SVG content. }; var safeSvg = SvgSanitiser.Sanitise(svgContent, options); Console.WriteLine(safeSvg); // <svg xmlns="http://www.w3.org/2000/svg"></svg>
Licence
This project is licensed under the BSD 3-Clause License. See the LICENCE file for details.
| Product | Versions Compatible and additional computed target framework versions. |
|---|---|
| .NET | net8.0 is compatible. net8.0-android was computed. net8.0-browser was computed. net8.0-ios was computed. net8.0-maccatalyst was computed. net8.0-macos was computed. net8.0-tvos was computed. net8.0-windows was computed. net9.0 was computed. net9.0-android was computed. net9.0-browser was computed. net9.0-ios was computed. net9.0-maccatalyst was computed. net9.0-macos was computed. net9.0-tvos was computed. net9.0-windows was computed. net10.0 was computed. net10.0-android was computed. net10.0-browser was computed. net10.0-ios was computed. net10.0-maccatalyst was computed. net10.0-macos was computed. net10.0-tvos was computed. net10.0-windows was computed. |
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.
-
net8.0
- No dependencies.
NuGet packages
This package is not used by any NuGet packages.
GitHub repositories
This package is not used by any popular GitHub repositories.