The worst problem may be SVG itself - SVG 1.2 which dates from 2004 was abandoned, and most browsers implement SVG 1.1 which is rather lacking in features. This makes it hard if you're a designer to produce SVG documents which a browser can actually render.
At a bare minimum any SVG hosting project would have to involve some sort of SVG lint, to make sure that browser-incompatible SVG elements are not present, implement workarounds for browser-specific bugs, and check that there are no <script> tags etc. The sheer size and complexity of even SVG 1.1 makes it non-trivial. One pragmatic approach to sanitize SVG may be to round-trip SVG -> PDF -> SVG via cairosvg and pdftocairo, though it may burn some CPU.
Wikipedia does it using librsvg, fwiw: https://live.gnome.org/LibRsvg
I keep hoping that epub will generate a renaissance of interest in SVG. So far no luck.
You don't need to sanitize SVGs to host them safely - you just put them inside <img> tag and browsers will do sandboxing for you.
What features do you actually miss in SVG 1.1? Gradient meshes? 3d transforms? multiple fills? I can think of only advanced stuff that is rarely used and tricky to do with other web technologies anyway.
Also, why would you want to strip browser-incompatible SVG elements? Browsers will simply ignore such elements.
SVG rendered via an <img> tag has restrictions in browsers, for example Firefox will not allow the SVG to reference an external image file such as a jpg. Once again, you put the raw SVG file in the browser and it does not render...
Obviously I miss any SVG 1.2 feature which Inkscape lets me easily use. Compositing for example. User has "SVG" output from Inkscape, user puts it on an "SVG" hosting service, it does not render in the browser = unhappy user. Users don't care less about what version of SVG they are using.
Stripping browser-incompatible elements could be useful, for example, if I place my content inside an SVG 1.2 <page> then the browser will render nothing at all, where as if the server stripped out the <page> element first, I'd be able to see my content. Obviously this applies only to a single page tag. Once again, you put the raw SVG file in the browser and it does not render...
Bug-workarounds are the primary reason for wanting to manipulate the elements though, there is a Safari bug which can cause it to ignore <defs> but work if you switch out <defs> for <g>. Once again, you put the raw SVG file in the browser and it does not render...
Inkscape is doing layer compositing by applying filters on groups. This is not SVG 1.2 feature. It was present in SVG 1.1 for years and it's still not properly implemented by all browsers and authoring tools: http://www.w3.org/TR/SVG/filters.html#feBlendElement
That is simply not true, as I've explained above. You can't call an SVG 1.1 file poorly authored because Safari has a bug displaying it, or Firefox doesn't support the filter you used. The fault is with the browser, not the end user.
> It was present in SVG 1.1 for years and it's still not properly implemented by all browsers
Now you're just contradicting yourself! Though "good support" was an ambiguous weasel phrase in the first place.
It's clear that you don't know much about what browsers do and don't support and what bugs exist, because your previous answer was so naively wrong. You need to not just trust statements like "supports SVG 1.1" on Wikipedia and actually apply your mind to discovering the nuanced details of what's actually out there.
Files that break cross-origin policy or use non-standard tags are poorly authored by my standards.
I have a lot of experience with SVG under WebKit-based browsers and so far everything renders just fine for me except for advanced features mentioned earlier.