Stars: 653
Forks: 11
Pull Requests: 10
Issues: 2
Watchers: 6
Last Updated: 2023-07-29 16:52:43
JSONP callback validator.
License: MIT License
Languages: PHP
JsonpCallbackValidator allows you to validate a JSONP callback in order to prevent XSS attacks.
$validator = new \JsonpCallbackValidator();
$validator->validate("JSONP.callback");
// returns `true`
$validator->validate("(function xss(x){evil()})");
// returns `false`
Or as a static method:
\JsonpCallbackValidator::validate("JSONP.callback");
// returns `true`
\JsonpCallbackValidator::validate("(function xss(x){evil()})");
// returns `false`
The recommended way to install JsonpCallbackValidator is through Composer:
$ composer require willdurand/jsonp-callback-validator
Setup the test suite using Composer:
$ composer install
Run it using PHPUnit:
$ ./vendor/bin/simple-phpunit
See CONTRIBUTING file.
JsonpCallbackValidator is released under the MIT License. See the bundled LICENSE file for details.