Registration of media typeimage/svg+xml

Chris Lilley <> Thu, 17 June 2010 14:27 UTC

Received: from (localhost []) by (8.14.4/8.14.3) with ESMTP id o5HERHGN010543 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 17 Jun 2010 07:27:17 -0700 (MST) (envelope-from
Received: (from majordom@localhost) by (8.14.4/8.13.5/Submit) id o5HERH3a010542; Thu, 17 Jun 2010 07:27:17 -0700 (MST) (envelope-from
X-Authentication-Warning: majordom set sender to using -f
Received: from ( []) by (8.14.4/8.14.3) with ESMTP id o5HERFDY010537 (version=TLSv1/SSLv3 cipher=AES256-SHA bits=256 verify=NO) for <>; Thu, 17 Jun 2010 07:27:16 -0700 (MST) (envelope-from
Received: from localhost ([]) by with esmtpa (Exim 4.69) (envelope-from <>) id 1OPG3l-0006Lc-TF; Thu, 17 Jun 2010 10:27:14 -0400
Date: Thu, 17 Jun 2010 16:26:24 +0200
From: Chris Lilley <>
X-Mailer: The Bat! (v3.95.6) Home
Reply-To: Chris Lilley <>
Organization: W3C
X-Priority: 3 (Normal)
Message-ID: <>
Subject: Registration of media typeimage/svg+xml
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Precedence: bulk
List-Archive: <>
List-ID: <>
List-Unsubscribe: <>

   Type name:

   Subtype name:

   Required parameters:

   Optional parameters:

          Same as application/xml media type, as specified in
          RFC3023 or it's successor.

   Encoding considerations:
          Same as for application/xml. See RFC3023, section 3.2.

   Security considerations:
          As with other XML types and as noted in RFC3023 section
          10, repeated expansion of maliciously constructed XML
          entities can be used to consume large amounts of memory,
          which may cause XML processors in constrained environments to

          SVG documents may be transmitted in compressed form using
          gzip compression. For systems which employ MIME-like
          mechanisms, such as HTTP, this is indicated by the
          Content-Transfer-Encoding header; for systems which do not,
          such as direct filesystem access, this is indicated by the
          filename extension and by the Macintosh File Type Codes. In
          addition, gzip compressed content is readily recognized by
          the initial byte sequence as described in RFC1952
          section 2.3.1.

          Several SVG elements may cause arbitrary URIs to be
          referenced. In this case, the security issues of
          RFC3986, section 7, should be considered.

          In common with HTML, SVG documents may reference external
          media such as images, audio, video, style sheets, and
          scripting languages. Scripting languages are executable
          content. In this case, the security considerations in the
          Media Type registrations for those formats shall apply.

          In addition, because of the extensibility features for SVG
          and of XML in general, it is possible that "image/svg+xml"
          may describe content that has security implications beyond
          those described here. However, if the processor follows only
          the normative semantics of this specification, this content
          will be outside the SVG namespace and shall be ignored. Only
          in the case where the processor recognizes and processes the
          additional content, or where further processing of that
          content is dispatched to other processors, would security
          issues potentially arise. And in that case, they would fall
          outside the domain of this registration document.

   Interoperability considerations:
          This specification describes processing semantics that
          dictate behavior that must be followed when dealing with,
          among other things, unrecognized elements and attributes,
          both in the SVG namespace and in other namespaces.

          Because SVG is extensible, conformant "image/svg+xml"
          processors must expect that content received is well-formed
          XML, but it cannot be guaranteed that the content is valid to
          a particular DTD or Schema or that the processor will
          recognize all of the elements and attributes in the document.

          SVG has a published Test Suite and associated implementation
          report showing which implementations passed which tests at
          the time of the report. This information is periodically
          updated as new tests are added or as implementations improve.

   Published specification:
          This media type registration is extracted from Appendix P of
          the SVG 1.1 specification.

Applications that use this media type:
          SVG is used by Web browsers, often in conjunction with HTML;
          by mobile phones and digital cameras, as a format for
          interchange of graphical assets in desk top publishing, for
          industrial process visualization, display signage, and many
          other applications which require scalable static or
          interactive graphical capability.

   Additional information:

        Magic number(s):

        File extension(s):
                svg, svgz (if gzip-compressed)

        Macintosh file type code(s):
                "svg " (all lowercase, with a space character as the
                fourth letter), "svgz" (all lowercase, if

   Person & email address to contact for further information:
          Chris Lilley, Doug Schepers (

   Intended usage:

   Restrictions on usage:

          The SVG specification is a work product of the World Wide Web
          Consortium's SVG Working Group.

   Change controller:
          The W3C has change control over this specification.


 Chris Lilley          
 Technical Director, Interaction Domain
 W3C Graphics Activity Lead
 Co-Chair, W3C Hypertext CG