Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/hopsoft/active_storage_svg_sanitizer

Sanitize ActiveStorage SVG uploads
https://github.com/hopsoft/active_storage_svg_sanitizer

active-storage activestorage rails ruby-on-rails security svg

Last synced: 20 days ago
JSON representation

Sanitize ActiveStorage SVG uploads

Host: GitHub
URL: https://github.com/hopsoft/active_storage_svg_sanitizer
Owner: hopsoft
License: mit
Created: 2019-09-09T18:19:07.000Z (over 5 years ago)
Default Branch: master
Last Pushed: 2023-01-20T07:54:46.000Z (almost 2 years ago)
Last Synced: 2024-12-10T06:25:54.957Z (about 1 month ago)
Topics: active-storage, activestorage, rails, ruby-on-rails, security, svg
Language: Ruby
Size: 60.5 KB
Stars: 21
Watchers: 3
Forks: 6
Open Issues: 11
Metadata Files:
- Readme: README.md
- License: MIT-LICENSE

Awesome Lists containing this project

README

# ActiveStorageSvgSanitizer

A small library that sanitizes ActiveStorage SVG uploads by stripping any embedded `script` tags.

## Installation

Add this line to your application's Gemfile:

```ruby
gem 'active_storage_svg_sanitizer'
```

## Usage

Simply including this gem will ensure your svg uploads are sanitized.

_This libary uses ActiveJob to perform sanization tasks in the background._

### Rendering SVG Images

If you'd like to render ActiveSorage svg images in your application, add an initializer that unregisters `svg` as a binary file type.

```ruby
# config/initializers/active_storage.rb
ActiveStorage::Engine.config.active_storage.content_types_to_serve_as_binary.delete "image/svg+xml"
```

## License
The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).