Performance Team Proposes Support SVG Images in WordPress

Performance Team Proposes Support SVG Images in WordPress - Hero Image

Shortly after proposing the inclusion of WebP images by default on WordPress, the Performance Team has proposed adding SVG (Scalable Vector Graphics) image support to WordPress.

Bringing SVG support into WordPress has been a community effort for the past 9 years, with the ticket for this request being updated every couple of months. So what has changed, and how the introduction of the Performance Lab plugin might change the course of this nearly ten-year journey?

SVG Images and WordPress

SVGs are images that can easily be resized (or scaled) without losing resolution. This makes it a perfect format for favicons, logos, icons, and more assets that are needed for web design.

Similar to WebP images, SVGs are also widely used on the internet and compatible with 98.8% of browsers globally.

However, users are frequently surprised when they try to upload a logo or favicon to their WordPress website, and it errors out.

Before the introduction of WebP compatibility in version 5.8, WordPress only supported the following image types:

  • .jpg/JPEG
  • .png
  • .ico
  • .gif 

As SVG images grew in popularity, and because of the lack of support from WordPress Core, plugins such as SVG Support started gaining traction. These plugins allow users to save SVG files to their media libraries, which are smaller due to being saved as XML text files.

XML files are SEO friendly as they can be crawled and indexed, another reason designers found them useful.

It is this detail that worries developers.

Security Concerns and a Proposed Solution

Because of the possibility of adding Javascript to SVG files, developers are concerned that malicious code can be introduced into WordPress installations.

The Performance Team met on July 12, 2022, to further discuss the possible introduction of SVG into WordPress and the best way to tackle security concerns.

The proposed solution would be a module for SVG uploads that would strip or “sanitize” them before being incorporated into the media library.

“A lot of concerns have been raised in the original Trac ticket about this in terms of security, as SVGs could include scripts, which is a security concern. The proposal only allows for SVGs to be uploaded if they do not contain scripts.”

As none of the current plugins for SVG image uploads are backed by WordPress Core, the team decided to focus on adding the module to the Performance Lab plugin instead. In this current optional plugin, users can test out WordPress optimization options that could be added to WordPress core in the future.

Currency, the Performance Team’s image section focuses on WebP conversion being introduced into WordPress Core, but SVG is close behind.

“Given that there are reliable approaches out there already for stripping scripts from SVGs, would be realistic to get this as a module fairly quickly and then get some testing. 6.2 for core merge would be a realistic goal.”

Performance Lab Plugin in the WordPress.org Repository

What the Future Holds

The Performance Team has brought into focus various features the WordPress community has been asking for, therefore expanding support for other file types, especially for an image format that is widely used and loved by designers and developers across the world, seems to be the best next step.

The team will craft a polished concept for coding and testing the module before introducing the Performance Lab plugin. As there is already infrastructure from available plugins, a working testing version could come as early as version 6.2.

You can visit their GitHub repository for more information on the future of SVG images on WordPress or how to contribute to their efforts.

Comments

It looks like this article doesn't have any comments yet - you can be the first. If you have any comments or questions, start the conversation!

Was this article helpful? Let us know!