willdurand / jsonp-callback-validator
JSONP callback validator.
Installs: 80 795 160
Dependents: 15
Suggesters: 0
Security: 0
Stars: 664
Watchers: 6
Forks: 9
Open Issues: 0
Requires
- php: >=7.1.0
Requires (Dev)
- symfony/phpunit-bridge: ^5.0
This package is auto-updated.
Last update: 2024-10-29 03:48:15 UTC
README
JsonpCallbackValidator allows you to validate a JSONP callback in order to prevent XSS attacks.
Usage
$validator = new \JsonpCallbackValidator(); $validator->validate("JSONP.callback"); // returns `true` $validator->validate("(function xss(x){evil()})"); // returns `false`
Or as a static method:
\JsonpCallbackValidator::validate("JSONP.callback"); // returns `true` \JsonpCallbackValidator::validate("(function xss(x){evil()})"); // returns `false`
Installation
The recommended way to install JsonpCallbackValidator is through Composer:
$ composer require willdurand/jsonp-callback-validator
Unit Tests
Setup the test suite using Composer:
$ composer install
Run it using PHPUnit:
$ ./vendor/bin/simple-phpunit
Contributing
See CONTRIBUTING file.
Credits
License
JsonpCallbackValidator is released under the MIT License. See the bundled LICENSE file for details.