. * * The interactive user interfaces in modified source and object code versions * of this program must display Appropriate Legal Notices, as required under * Section 5 of the GNU Affero General Public License version 3. * * In accordance with Section 7(b) of the GNU Affero General Public License version 3, * these Appropriate Legal Notices must retain the display of the "EspoCRM" word. ************************************************************************/ namespace Espo\Classes\FieldValidators\Webhook\Url; use Espo\Core\FieldValidation\Validator; use Espo\Core\FieldValidation\Validator\Data; use Espo\Core\FieldValidation\Validator\Failure; use Espo\Core\Utils\Security\UrlCheck; use Espo\Core\Webhook\AddressUtil; use Espo\ORM\Entity; /** * @implements Validator */ class NotInternal implements Validator { public function __construct( private UrlCheck $urlCheck, private AddressUtil $addressUtil, ) {} public function validate(Entity $entity, string $field, Data $data): ?Failure { $value = $entity->get($field); if (!$value) { return null; } if (!$this->urlCheck->isUrl($value)) { return null; } if ($this->addressUtil->isAllowedUrl($value)) { return null; } if (!$this->urlCheck->isNotInternalUrl($value)) { return Failure::create(); } return null; } }