Add a utility to sanitize SVG files

The sanitizer library is the underlying library of several popular extensions for large CMS systems.

Author: Kevinjil

webapp/composer.json

@@ -63,6 +63,7 @@
 		"doctrine/doctrine-migrations-bundle": "^3.2",
 		"doctrine/orm": "^2.14",
 		"eligrey/filesaver": "2.*",
+		"enshrined/svg-sanitize": "^0.21.0",
 		"fortawesome/font-awesome": "6.*",
 		"friendsofsymfony/rest-bundle": "^3.5",
 		"ircmaxell/password-compat": "*",

webapp/composer.lock

@@ -3,6 +3,7 @@
 
 use DateTime;
 use Doctrine\Inflector\InflectorFactory;
+use enshrined\svgSanitize\Sanitizer as SvgSanitizer;
 use Symfony\Component\HttpFoundation\StreamedResponse;
 use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
 
@@ -717,6 +718,15 @@ public static function getImageSize(string $filename): array
         return [$width, $height, $width / $height];
     }
 
+    public static function sanitizeSvg(string $svgContents): string | false
+    {
+        $sanitizer = new SvgSanitizer();
+        $sanitizer->removeRemoteReferences(true);
+        $sanitizer->minify(true);
+        
+        return $sanitizer->sanitize($svgContents);
+    }
+
     /**
      * Returns TRUE iff string $haystack starts with string $needle.
      */