JSONP callback validator.
PHP
Latest commit 5a8de44 Feb 25, 2016 @willdurand Merge pull request #4 from stof/patch-1
Improve the composer instructions in the readme
Permalink
Failed to load latest commit information.
src Allows to call the `validate` method statically Jan 20, 2014
tests Allows to call the `validate` method statically Jan 20, 2014
.gitignore Initial commit Oct 17, 2013
.travis.yml
CONTRIBUTING.md Update README + Add LICENSE, CONTRIBUTING files Oct 17, 2013
LICENSE Update README + Add LICENSE, CONTRIBUTING files Oct 17, 2013
README.md Improve the composer instructions in the readme Feb 25, 2016
composer.json Try HHVM on Travis-CI Oct 25, 2013
phpunit.xml.dist Initial commit Oct 17, 2013

README.md

JsonpCallbackValidator

Build
Status Total
Downloads Latest Stable
Version

JsonpCallbackValidator allows you to validate a JSONP callback in order to prevent XSS attacks.

Usage

$validator = new \JsonpCallbackValidator();

$validator->validate('JSONP.callback');
// returns `true`

$validator->validate('(function xss(x){evil()})');
// returns `false`

Or as a static method:

\JsonpCallbackValidator::validate('JSONP.callback');
// returns `true`

\JsonpCallbackValidator::validate('(function xss(x){evil()})');
// returns `false`

Installation

The recommended way to install JsonpCallbackValidator is through Composer:

$ composer require willdurand/jsonp-callback-validator

Unit Tests

Setup the test suite using Composer:

$ composer install

Run it using PHPUnit:

$ ./vendor/bin/phpunit

Contributing

See CONTRIBUTING file.

Credits

License

JsonpCallbackValidator is released under the MIT License. See the bundled LICENSE file for details.