Safe SVG

外掛說明

使用 Safe SVG 外掛是在 WordPress 網站上開放 SVG 檔案上傳的最佳方式。

這個外掛能開放 WordPress 網站上傳 SVG 檔案的功能,並確保 SVG 檔案經過必要的處理,以避免觸發 SVG/XML 漏洞影響網站,同時也能讓使用者在媒體庫的各種檢視模式中預覽已上傳的 SVG 檔案。

如果 Safe SVG 對你的網站有幫助,購買 Pro 版後還能取得更多功能。

免費版功能

  • 處理 SVG 檔案:不會允許未經處理的 SVG 檔案上傳,以避免觸發 WordPress 網站的安全性漏洞。
  • 在媒體庫中檢視 SVG 檔案:不需要去回想哪個 SVG 檔案是哪天上傳的,Pro 版外掛提供在 WordPress 媒體庫中預覽 SVG 檔案的功能。

Pro 版功能

  • SVGO 最佳化:使用者可以選擇透過我們提供的 SVGO 伺服器上傳 SVG 檔案,以節省網站儲存空間。
  • 設定可上傳 SVG 檔案的使用者:設定指定使用者才能上傳 SVG 檔案,或開放全部使用者均可上傳。
  • 進階技術支援:Pro 版使用者可以獲得進階技術支援,而我們僅於有空時才會在 WordPress 技術支援論壇提供免費版的使用者有限的技術支援。

開發這個外掛的想法源自 #24251 這個功能需求。

SVG 檔案的處理使用 https://github.com/darylldoyle/svg-sanitizer 所提供的函式庫。

安裝方式

透過 WordPress 外掛目錄安裝,或下載安裝檔案後解壓縮,上傳解壓縮所得的資料夾及其全部檔案至 /wp-content/plugins/ 目錄。

常見問題集

是否能變更開放使用的屬性及標籤?

可以,這可以透過 svg_allowed_attributessvg_allowed_tags 篩選器完成。
這 2 個篩選器分別使用一個必須回傳值的引數。以下是範例程式碼:

add_filter( 'svg_allowed_attributes', function ( $attributes ) {

    // Do what you want here...

    // This should return an array so add your attributes to
    // to the $attributes array before returning it. E.G.

    $attributes[] = 'target'; // This would allow the target="" attribute.

    return $attributes;
} );


add_filter( 'svg_allowed_tags', function ( $tags ) {

    // Do what you want here...

    // This should return an array so add your tags to
    // to the $tags array before returning it. E.G.

    $tags[] = 'use'; // This would allow the <use> element.

    return $tags;
} );

使用者評論

2021 年 2 月 3 日
Great little plugin, ideal for displaying SVG brand logo images as part of a logo wall. Seems to work fine with Divi and WP 5.6. Thanks developers!
2020 年 11 月 22 日
This plugin adds SVG support to WordPress in the most natural way. No configuration needed – simply upload and use SVG graphics as you would upload and use JPEG, PNG and GIF images.
2020 年 9 月 21 日
Very happy to find this plugin. I've found it works out of the box and helps add nice logos to my website. Thank you!
2020 年 9 月 12 日
I heard about this plugin from a top WordPress tips website, only to find WordPress warning me that it might be unsafe due to being untested on WordPress 5.5. Please update for WordPress 5.5!
2020 年 6 月 4 日
I struggled modifying my PNGs in order not to lose pixelation, to no avail, until I discovered this plugin. Now all my graphics are SVGs and there's no turning back! One little feature request though: make the image size appear in the media library list screen, as other images format do.
閱讀全部 58 則使用者評論

參與者及開發者

以下人員參與了開源軟體〈Safe SVG〉的開發相關工作。

參與者

將 Safe SVG 外掛本地化為台灣繁體中文版

對開發相關資訊感興趣?

任何人均可瀏覽程式碼、查看 SVN 存放庫,或透過 RSS 訂閱開發記錄

變更記錄

1.9.9

  • Fixed issue where 100% width is accidentally converted to 100px width. Props @joehoyle

1.9.8

  • Underlying library update

1.9.7

  • Underlying library update

1.9.6

  • Underlying library update that fixes a security issue

1.9.5

  • Underlying library update that fixes some security issues

1.9.4

  • Fixed a bug causing lots of error log output to do with safe_svg::fix_direct_image_output()

1.9.3

  • Fixed a bug causing 0 height and width SVGs

1.9.2

  • Fixed a warning about an Illegal string offset
  • Fixed an issue if something other than a WP_Post object is passed in via the wp_get_attachment_image_attributes filter.

1.9.1

  • Fixed a warning that was being generated by a change made in 1.9.0.

1.9.0

  • If an image is the correct ratio, allow skipping of the crop popup when setting header/logo images with SVGs.

1.8.1

  • Don’t let errors break upload if uploading an empty file
  • Fix featured image display in Gutenberg. Props @hendridm 🙂

1.8.0

  • Pull SVG dimensions from the width/height or viewbox attributes of the SVG.
  • Add the role=”img” attribute to SVGs

1.7.1

  • Updated underlying lib and added new filters for filtering allowed tags and attributes

1.6.1

  • Images will now use the size chosen when inserted into the page rather than default to 2000px everytime.

1.6.0

  • Fairly big new feature – The library now allows <use> elements as long as they don’t reference external files!
  • You can now also embed safe image types within the SVG and not have them stripped (PNG, GIF, JPG)

1.5.3

  • 1.5.2 introduced an issue that can freeze the media library. This fixes that issue. Sorry!

1.5.2

  • Tested with 4.9.0
  • Fixed an issue with SVGs when regenerating media

1.5.1

  • Fix PHP strict standards warning

1.5.0

  • Library update
  • role, aria- and data- attributes are now whitelisted to improve accessibility

1.4.5

  • Fixes some issues with defining the size of an SVG.
  • Library update

1.4.4

  • SVGs now display as featured images in the admin area

1.4.3

  • WordPress 4.7.3 Compatibility
  • Expanded SVG previews in media library

1.4.2

  • Added a check / fix for when mb_* functions are not available

1.4.1

  • Updated underlying library to allow attributes/tags in all case variations

1.4.0

  • Added ability to preview SVG on both grid and list view in the wp-admin media area
  • Updated underlying library version

1.3.4

  • A fix for SVGZ uploads failing and not sanitising correctly

1.3.3

  • Allow SVGZ uploads

1.3.2

  • Fix for the mime type issue in 4.7.1. Mad props to @lewiscowles

1.3.1

  • Updated underlying library version

1.3.0

  • Minify SVGs after cleaning so they can be loaded correctly through file_get_contents

1.2.0

  • Added support for camel case attributes such as viewBox

1.1.1

  • Fixed an issue with empty svg elements self-closing

1.1.0

  • Added i18n
  • Added da, de ,en, es, fr, nl and ru translations
  • Fixed an issue with filename not being pulled over on failed uploads

1.0.0

  • Initial Release