Oliver Hader

Seems to be reasonable. I'll add some more test-cases covering the new behavior during the next few day - in case somebody else is faster, please don't hesitate... 😉

Style property `mask-type` and node `` seem to be okay when using a strict allow-list of possible attributes/properties/values. → https://developer.mozilla.org/en-US/docs/Web/CSS/mask-type

Sounds reasonable to me to drop all Other-ML elements due to [`foreignObject`](https://developer.mozilla.org/en-US/docs/Web/SVG/Element/foreignObject) being not allowed. Besides that, there probably should be more unit test cases for exactly these kind of...

> deprecated ; https://developer.mozilla.org/en-US/docs/Web/SVG/Attribute/enable-background Sure, but still being used in the wild. It's similar to `xlink:href` which still is used even it is deprecated (https://developer.mozilla.org/en-US/docs/Web/SVG/Attribute/xlink:href).

Hm, I don't think there was a "strong" reason for dropping PHP 5.6 support - basically due to the fact it was officially unsupported at that time already. I know...

The way to a PHP5-compat version does not seem to be too difficult: https://github.com/darylldoyle/svg-sanitizer/compare/master...TYPO3GmbH:svg-sanitize-elts7:master In case anyone wants to pick that up and re-introduces those commits, just go ahead 👍

It seems you managed to publish empty commits...

As far as I understood, it's not about the attribute name (like `href`), but about declaring allowed values or value patterns? I've been working on a DOM-base sanitizer for HTML,...

Can you please add an example SVG snippet showing usage of `enable-background`? Thx

Spotted `` in PR #65