Security News
Cloudflare Adds Security.txt Setup Wizard
Cloudflare has launched a setup wizard allowing users to easily create and manage a security.txt file for vulnerability disclosure on their websites.
The canvg npm package is a versatile library that allows users to parse and render SVG (Scalable Vector Graphics) to a Canvas element in a browser or on the server-side using Node.js. It is particularly useful for converting SVGs into Canvas for manipulation, rendering, or exporting purposes.
Rendering SVG to Canvas
This code sample demonstrates how to load an SVG file, render it onto a Canvas, and then save the Canvas output as a PNG file. This is useful for server-side generation of images from SVG files.
const canvg = require('canvg');
const Canvas = require('canvas');
const fs = require('fs');
const canvas = Canvas.createCanvas(800, 600);
const ctx = canvas.getContext('2d');
const svg = fs.readFileSync('path/to/your/svgfile.svg', 'utf-8');
canvg(ctx, svg);
const out = fs.createWriteStream('path/to/output.png');
const stream = canvas.createPNGStream();
stream.pipe(out);
Manipulating SVG before rendering
This example shows how to manipulate SVG data by changing its color before rendering it to a Canvas. This is useful for dynamically altering the appearance of SVGs based on runtime conditions.
const canvg = require('canvg');
const Canvas = require('canvas');
const fs = require('fs');
const canvas = Canvas.createCanvas(800, 600);
const ctx = canvas.getContext('2d');
let svg = fs.readFileSync('path/to/your/svgfile.svg', 'utf-8');
// Modify SVG data
svg = svg.replace('fill:#000000', 'fill:#123456');
// Render modified SVG to canvas
canvg(ctx, svg);
Fabric.js is a powerful and rich graphics library, allowing you to manipulate and render both SVG and Canvas elements. Compared to canvg, Fabric.js offers a broader set of features for interactive object model on canvas, including a full suite of interactive capabilities such as drag and drop, object manipulation, and events.
svg2canvas is another library that focuses on converting SVG documents into Canvas elements. While similar in purpose to canvg, svg2canvas might have different implementation details or performance characteristics, making it a viable alternative depending on specific project requirements.
In an attempt to keep this repo more active and merge PRs and do releases, if you would like to be a contributor, please start a conversation with me at gabelerner at gmail. The prerequisite is to have a few PRs open to prove out an understanding of the code. Thanks!
canvg is a SVG parser and renderer. It takes a URL to a SVG file or the text of an SVG file, parses it in JavaScript, and renders the result on a Canvas element. The rendering speed of the examples is about as fast as native SVG.
The end goal is everything from the SVG spec. The majority of the rendering and animation is working. If you would like to see a feature implemented, don't hesitate to contact me or add it to the issues list.
Locally, you can run npm start
and view the examples at http://localhost:3123/examples/index.htm
npm run build
then look in the dist
folder
npm run test-node
runs tests on node
npm run test-browser
runs tests on browser
npm run generate-expected foo.svg
to create the expected png for a given svg in the svgs
foldernpm install canvg@^1.5
2.0.0 beta (see CHANGELOG)
npm install canvg@2.0.0-beta.1 canvas@^2 jsdom@^13 xmldom@^0
The dependencies required on the server only are peers so must be installed alongside the canvg package.
For browser applications with a build process, canvg can be installed using npm
similar to use on the server. Note in this case the peer dependencies are not required so do not need to be installed.
Alternatively, canvg can be included directly into a webpage:
<!-- Required to convert named colors to RGB -->
<script src="https://cdn.jsdelivr.net/npm/rgbcolor@^1/index.js"></script>
<!-- Optional if you want blur -->
<script src="https://cdn.jsdelivr.net/npm/stackblur-canvas@^1/dist/stackblur.min.js"></script>
<!-- Main canvg code -->
<script src="https://cdn.jsdelivr.net/npm/canvg/dist/browser/canvg.min.js"></script>
For the 2.0.0 beta (see CHANGELOG), use this:
<!-- Required to convert named colors to RGB -->
<script src="https://cdn.jsdelivr.net/npm/rgbcolor@^1/index.js"></script>
<!-- Optional if you want blur -->
<script src="https://cdn.jsdelivr.net/npm/stackblur-canvas@^1/dist/stackblur.min.js"></script>
<!-- Main canvg code -->
<script src="https://cdn.jsdelivr.net/npm/canvg@2.0.0-beta.1/dist/browser/canvg.min.js"></script>
Put a canvas on your page
<canvas id="canvas" width="1000px" height="600px"></canvas>
Example canvg calls:
<script>
window.onload = function() {
//load '../path/to/your.svg' in the canvas with id = 'canvas'
canvg('canvas', '../path/to/your.svg')
//load a svg snippet in the canvas with id = 'drawingArea'
canvg(document.getElementById('drawingArea'), '<svg>...</svg>')
//ignore mouse events and animation
canvg('canvas', 'file.svg', { ignoreMouse: true, ignoreAnimation: true })
}
</script>
The third parameter is options:
You can call canvg without parameters to replace all svg images on a page. See the example.
There is also a built in extension method to the canvas context to draw svgs similar to the way drawImage works:
var c = document.getElementById('canvas');
var ctx = c.getContext('2d');
ctx.drawSvg(SVG_XML_OR_PATH_TO_SVG, dx, dy, dw, dh);
FAQs
JavaScript SVG parser and renderer on Canvas.
We found that canvg demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Cloudflare has launched a setup wizard allowing users to easily create and manage a security.txt file for vulnerability disclosure on their websites.
Security News
The Socket Research team breaks down a malicious npm package targeting the legitimate DOMPurify library. It uses obfuscated code to hide that it is exfiltrating browser and crypto wallet data.
Security News
ENISA’s 2024 report highlights the EU’s top cybersecurity threats, including rising DDoS attacks, ransomware, supply chain vulnerabilities, and weaponized AI.