willdurand/jsonp-callback-validator

JSONP callback validator.

JsonpCallbackValidator

, _(*1)

JsonpCallbackValidator allows you to validate a JSONP callback in order to prevent XSS attacks., _(*2)

Usage

$validator = new \JsonpCallbackValidator();

$validator->validate("JSONP.callback");
// returns `true`

$validator->validate("(function xss(x){evil()})");
// returns `false`

Or as a static method:, _(*3)

\JsonpCallbackValidator::validate("JSONP.callback");
// returns `true`

\JsonpCallbackValidator::validate("(function xss(x){evil()})");
// returns `false`

Installation

The recommended way to install JsonpCallbackValidator is through Composer:, _(*4)

$ composer require willdurand/jsonp-callback-validator

Unit Tests

Setup the test suite using Composer:, _(*5)

$ composer install

Run it using PHPUnit:, _(*6)

$ ./vendor/bin/simple-phpunit

Contributing

See CONTRIBUTING file., _(*7)

Credits

• Erik Eng (@ptz0n) for his Gist

License

JsonpCallbackValidator is released under the MIT License. See the bundled LICENSE file for details., _(*8)