software

SVG files are everywhere — icons, logos, illustrations, UI graphics...

Published: (February 15, 2026 at 03:02 AM EST)
2 min read
Source: Dev.to

Source: Dev.to

Overview

SVG files are everywhere—icons, logos, illustrations, UI graphics. They’re lightweight, scalable, and web‑friendly, but SVGs exported from design tools often contain:

  • Unnecessary metadata
  • Redundant attributes
  • Editor‑specific footprints
  • Excess whitespace
  • Potentially unsafe elements

If you’re working in PHP and need a robust, configurable, security‑aware SVG optimizer, there’s a purpose‑built solution:

👉 php-svg-optimizer is a lightweight PHP library designed to optimize, minify, and sanitize SVG files while staying compliant with SVG 2.0 specifications.

Benefits

  • Smaller files
  • Cleaner markup
  • Standards‑compliant SVG
  • Safer embedding
  • Visually identical output
  • Improved performance

Security

When accepting SVG uploads from users, sanitization isn’t optional—it’s critical.

Installation

composer require mathiasreker/php-svg-optimizer

Usage

1️⃣ Command Line (CLI)

vendor/bin/svg-optimizer --with-all-rules process /path/to/svgs

2️⃣ As a PHP Package

try {
    $svgOptimizer = (new SvgOptimizer())
        ->withAllRules()
        ->optimize()
        ->saveToFile('path/to/output.svg');

    $metaData = $svgOptimizer->getMetaData();

    echo sprintf('Optimized size: %d bytes%s', $metaData->getOptimizedSize(), PHP_EOL);
    echo sprintf('Original size: %d bytes%s', $metaData->getOriginalSize(), PHP_EOL);
    echo sprintf('Size reduction: %d bytes%s', $metaData->getSavedBytes(), PHP_EOL);
    echo sprintf('Reduction percentage: %s %%s', $metaData->getSavedPercentage(), PHP_EOL);
    echo sprintf('Processing time: %s seconds%s', $metaData->getOptimizationTime(), PHP_EOL);
} catch (\Exception $exception) {
    echo $exception->getMessage();
}

Configuration – What Makes It Powerful?

->withRules(
    convertColorsToHex: true,
    convertCssClassesToAttributes: true,
    convertEmptyTagsToSelfClosing: true,
    convertInlineStylesToAttributes: true,
    fixAttributeNames: false,
    flattenGroups: true,
    minifySvgCoordinates: true,
    minifyTransformations: true,
    removeAriaAndRole: true,
    removeComments: true,
    removeDataAttributes: false,
    removeDefaultAttributes: true,
    removeDeprecatedAttributes: true,
    removeDoctype: true,
    removeDuplicateElements: true,
    removeEmptyAttributes: true,
    removeEmptyGroups: true,
    removeEmptyTextElements: true,
    removeEnableBackgroundAttribute: false,
    removeInkscapeFootprints: true,
    removeInvisibleCharacters: true,
    removeMetadata: true,
    removeNonStandardAttributes: false,
    removeNonStandardTags: false,
    removeTitleAndDesc: true,
    removeUnnecessaryWhitespace: true,
    removeUnsafeElements: false,
    removeUnusedMasks: true,
    removeUnusedNamespaces: true,
    removeWidthHeightAttributes: false,
    sortAttributes: true,
)

Secure SVG Upload Example

SvgOptimizerFacade::fromFile('uploaded.svg')
    ->withRules(
        removeUnsafeElements: true,
        removeNonStandardTags: true,
        removeNonStandardAttributes: true
    )
    ->allowRisky()
    ->optimize()
    ->saveToFile('sanitized.svg');

This significantly reduces the risk of XSS when embedding user‑uploaded SVGs.

Developer Experience

The project emphasizes:

  • PHPStan Level 9
  • 100 % type coverage
  • High test coverage
  • Strategy‑based architecture
  • Deterministic output

If you work with SVGs in PHP, this tool deserves a place in your workflow.

⭐ If you find it useful, consider giving it a star on GitHub.

0 views
#php #svg #svg-optimizer #image-optimization #security #sanitization #cli #composer #web-development
View source
Share:
Back to Blog

Related posts

Read more »

My Personal Blog Is Finally Live

!Cover image for My Personal Blog Is Finally Livehttps://media2.dev.to/dynamic/image/width=1000,height=420,fit=cover,gravity=auto,format=auto/https%3A%2F%2Fdev-...