willdurand/jsonp-callback-validator

JSONP callback validator.

Maintainers

👁 couac

Package info

github.com/willdurand/JsonpCallbackValidator

pkg:composer/willdurand/jsonp-callback-validator

Statistics

Installs: 103 698 727

Dependents: 15

Suggesters: 1

Stars: 659

Open Issues: 0

Security

Advisories: 0

Aikido package health analysis

v2.0.0 2022-01-30 20:33 UTC

Requires

php: >=7.1.0

Requires (Dev)

symfony/phpunit-bridge: ^5.0

Suggests

None

Provides

None

Conflicts

None

Replaces

None

MIT 738c36e91d4d7e0ff0cac145f77057e0fb88526e

William Durand <will+git.woop@drnd.me>

This package is auto-updated.

Last update: 2026-05-29 00:53:41 UTC

README

👁 GitHub Actions
👁 Total Downloads
👁 Latest Stable Version

JsonpCallbackValidator allows you to validate a JSONP callback in order to prevent XSS attacks.

Usage

$validator = new \JsonpCallbackValidator();

$validator->validate("JSONP.callback");
// returns `true`

$validator->validate("(function xss(x){evil()})");
// returns `false`

Or as a static method:

\JsonpCallbackValidator::validate("JSONP.callback");
// returns `true`

\JsonpCallbackValidator::validate("(function xss(x){evil()})");
// returns `false`

Installation

The recommended way to install JsonpCallbackValidator is through Composer:

$ composer require willdurand/jsonp-callback-validator

Unit Tests

Setup the test suite using Composer:

$ composer install

Run it using PHPUnit:

$ ./vendor/bin/simple-phpunit

Contributing

See CONTRIBUTING file.

Credits

Erik Eng (@ptz0n) for his Gist

License

JsonpCallbackValidator is released under the MIT License. See the bundled LICENSE file for details.

URL: https://packagist.org/packages/willdurand/jsonp-callback-validator

⇱ willdurand/jsonp-callback-validator - Packagist.org

willdurand/jsonp-callback-validator

Maintainers

Package info

Statistics

Security

README

Usage

Installation

Unit Tests

Contributing

Credits

License