JsonpCallbackValidator
JsonpCallbackValidator allows you to validate a JSONP callback in order to prevent XSS attacks.
Usage
$validator = new \JsonpCallbackValidator();
$validator->validate('JSONP.callback');
// returns `true`
$validator->validate('(function xss(x){evil()})');
// returns `false`
Installation
The recommended way to install JsonpCallbackValidator is through Composer:
{
"require": {
"willdurand/jsonp-callback-validator": "@stable"
}
}
Protip: you should browse the
willdurand/jsonp-callback-validator
page to choose a stable version to use, avoid the @stable
meta constraint.
Unit Tests
Setup the test suite using Composer:
$ composer install --dev
Run it using PHPUnit:
$ ./vendor/bin/phpunit
Contributing
See CONTRIBUTING file.
Credits
License
JsonpCallbackValidator is released under the MIT License. See the bundled LICENSE file for details.