No RDF metadata

[EldarAgalarov]

Describe the bug

SVG Sanitizer removes RDF metadata leaving empty <metadata></metadata> tags.

The plugin should have an option to disable the sanitizer, something like this:

add_filter( 'safe_svg_sanitizer_enabled', '__return_false' );

Steps to Reproduce

Upload any SVG file that contains RDF metadata and check.

Screenshots, screen recording, code snippet

No response

Environment information

No response

WordPress information

No response

Code of Conduct

• I agree to follow this project's Code of Conduct

[jeffpaul]

In chatting with @darylldoyle on this, if you want to disable sanitizer then why even bother with the plugin (as that's the primary safeguard to ensure SVGs are... sanitized)? As such, we do not feel a filter is something we'll add here. Otherwise looking into what it would take to support RDF data seems like an option (related docs).

[EldarAgalarov]

@jeffpaul What if implement an additional "read-only" mode for the plugin? When user uploads SVG file the plugin checks if the SVG file are safe or not without sanitizing it and if file is safe then allow to upload it else reject file uploading. In such mode the safety also is guaranteed.

[jeffpaul]

Sorry, that still opens too much risk which sanitizing the SVGs and this plugin is intended to do.