willdurand/jsonp-callback-validator
's direct dependencies. Data on all dependencies, including transitive ones, is available via CSV download.Name | Version | Size | License | Type | Vulnerabilities |
---|
The willdurand/jsonp-callback-validator is a powerful tool designed to validate JSONP callbacks in order to enhance the security of your application by preventing Cross-Site Scripting (XSS) attacks. The tool was created by willdurand and can be easily integrated into any PHP project, contributing to the overall safety and reliability of web applications.
Utilizing the willdurand/jsonp-callback-validator is straightforward and can significantly enhance your web application's security. Validating a JSONP callback only requires a few lines of code with this package. Here are some usage examples:
To use as an object:
$validator = new \JsonpCallbackValidator();
$validator->validate("JSONP.callback"); // returns `true`
$validator->validate("(function xss(x){evil()})"); // returns `false`
You can also use it as a static method:
\JsonpCallbackValidator::validate("JSONP.callback"); // returns `true`
\JsonpCallbackValidator::validate("(function xss(x){evil()})"); // returns `false`
Remember, a valid callback returns true
while an invalid callback (one that could lead to XSS attacks) returns false
.
Before using the validator, don't forget to install it in your project.
It can be easily installed via composer:
$ composer require willdurand/jsonp-callback-validator
The comprehensive documentation for willdurand/jsonp-callback-validator is available on its GitHub repository, where you'll find instructions on how to use and install the package, conduct unit tests, and contribute to its development. To get to the docs, simply navigate to https://github.com/willdurand/JsonpCallbackValidator.