/**
* SVG Sanitization Utilities
* OWASP-compliant SVG sanitization using allowlist approach
*
* This module addresses:
* - Script tag injection
* - Event handler injection (onload, onerror, etc.)
* - javascript: URL schemes
* - CSS-based XSS (expression(), url(), -moz-binding)
* - SMIL animation attacks
* - foreignObject-based HTML injection
* - External reference attacks (use, image elements)
* - XXE via DOCTYPE/ENTITY declarations
*
* Uses regex-based approach for robustness without external dependencies.
*
* @see https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html
*/
import type { SvgSanitizationResult } from "../../types/index.js";
/**
* Sanitize SVG content by removing dangerous elements and attributes.
* Uses OWASP-compliant allowlist approach with regex-based parsing.
*
* @param svgContent - Raw SVG content to sanitize
* @returns Sanitized SVG content
* @throws Error if SVG content is invalid or contains XXE declarations
*
* @example
* const malicious = '';
* const safe = sanitizeSvgContent(malicious); // ''
*
* @example
* const xss = '';
* const safe = sanitizeSvgContent(xss); // ''
*/
export declare function sanitizeSvgContent(svgContent: string): string;
/**
* Sanitize SVG content with detailed information about what was removed.
* Useful for logging and security auditing.
*
* @param svgContent - Raw SVG content to sanitize
* @returns Detailed sanitization result with removed items
* @throws Error if SVG content is invalid or contains XXE declarations
*/
export declare function sanitizeSvgContentDetailed(svgContent: string): SvgSanitizationResult;
/**
* Check if SVG content appears to be safe (quick validation).
* Does NOT sanitize - use sanitizeSvgContent for that.
*
* @param svgContent - SVG content to check
* @returns true if content appears safe, false if it contains suspicious patterns
*/
export declare function isSvgContentSafe(svgContent: string): boolean;
/**
* Legacy alias for sanitizeSvgContent.
* Maintained for backward compatibility.
*
* @param svgContent - Raw SVG content
* @returns Sanitized SVG content
*/
export declare function sanitizeSvg(svgContent: string): string;
/**
* Get lists of safe and dangerous elements/attributes for reference.
* Useful for documentation and debugging.
*/
export declare function getSvgSanitizationRules(): {
safeElements: string[];
dangerousElements: string[];
safeAttributes: string[];
dangerousAttributes: string[];
};