Skip to content
master
Switch branches/tags
Code

Latest commit

* Run travis with PHP7
* Fixed build on HHVM
* Better fix HHVM
9b23d3b

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
src
 
 
 
 
 
 
 
 
 
 
 
 

JsonpCallbackValidator

Build Status Total Downloads Latest Stable Version

JsonpCallbackValidator allows you to validate a JSONP callback in order to prevent XSS attacks.

Usage

$validator = new \JsonpCallbackValidator();

$validator->validate('JSONP.callback');
// returns `true`

$validator->validate('(function xss(x){evil()})');
// returns `false`

Or as a static method:

\JsonpCallbackValidator::validate('JSONP.callback');
// returns `true`

\JsonpCallbackValidator::validate('(function xss(x){evil()})');
// returns `false`

Installation

The recommended way to install JsonpCallbackValidator is through Composer:

$ composer require willdurand/jsonp-callback-validator

Unit Tests

Setup the test suite using Composer:

$ composer install

Run it using PHPUnit:

$ ./vendor/bin/phpunit

Contributing

See CONTRIBUTING file.

Credits

License

JsonpCallbackValidator is released under the MIT License. See the bundled LICENSE file for details.