Skip to main content

validate_https_public_uri

Function validate_https_public_uri 

Source
pub fn validate_https_public_uri(
    uri: &str,
    label: &str,
) -> Result<Url, AuthError>
Expand description

Validates that uri is a public HTTPS endpoint safe for outbound requests.

Rules:

  • Scheme must be https
  • Host must not be a loopback, private, link-local, CGN, benchmark, reserved, or otherwise SSRF-blocked address (delegated to the canonical camel_api::is_ssrf_blocked_ip helper).
  • A small set of well-known loopback hostnames (localhost, localhost.localdomain, 0.0.0.0) is rejected even though they don’t parse as IP literals — DNS for those names conventionally resolves to a blocked address on every sane system.

Returns the parsed url::Url on success so callers can reuse it.