Function validate_url_safe 

pub fn validate_url_safe(url: &str) -> Result<String>

Validate URL to prevent SSRF (Server-Side Request Forgery) attacks

This function checks URLs for private IP ranges, localhost, and metadata endpoints that could be exploited in SSRF attacks.

Security Concerns

• Blocks localhost (127.0.0.1, ::1, localhost)
• Blocks private IP ranges (10.x, 172.16-31.x, 192.168.x)
• Blocks link-local addresses (169.254.x)
• Blocks cloud metadata endpoints

Example

use mockforge_core::validation::validate_url_safe;

assert!(validate_url_safe("https://example.com").is_ok());
assert!(validate_url_safe("http://localhost:8080").is_err());
assert!(validate_url_safe("http://169.254.169.254/metadata").is_err());