octicon-link" viewBox="0 0 16 16" version="1.1" width="16" height="16" aria-hidden="true">JsonpCallbackValidator

JsonpCallbackValidator allows you to validate a JSONP callback in order to prevent XSS attacks.

octicon-link" viewBox="0 0 16 16" version="1.1" width="16" height="16" aria-hidden="true">Usage

$validator = new \JsonpCallbackValidator();

$validator->validate("JSONP.callback");
// returns `true`

$validator->validate("(function xss(x){evil()})");
// returns `false`

Or as a static method:

\JsonpCallbackValidator::validate("JSONP.callback");
// returns `true`

\JsonpCallbackValidator::validate("(function xss(x){evil()})");
// returns `false`

octicon-link" viewBox="0 0 16 16" version="1.1" width="16" height="16" aria-hidden="true">Installation

The recommended way to install JsonpCallbackValidator is through Composer:

$ composer require willdurand/jsonp-callback-validator

octicon-link" viewBox="0 0 16 16" version="1.1" width="16" height="16" aria-hidden="true">Unit Tests

Setup the test suite using Composer:

$ composer install

Run it using PHPUnit:

$ ./vendor/bin/simple-phpunit

octicon-link" viewBox="0 0 16 16" version="1.1" width="16" height="16" aria-hidden="true">Contributing

See CONTRIBUTING file.

octicon-link" viewBox="0 0 16 16" version="1.1" width="16" height="16" aria-hidden="true">Credits

• Erik Eng (@ptz0n) for his Gist

octicon-link" viewBox="0 0 16 16" version="1.1" width="16" height="16" aria-hidden="true">License

JsonpCallbackValidator is released under the MIT License. See the bundled LICENSE file for details.

OPEN ISSUES

RELEASES