. * * The interactive user interfaces in modified source and object code versions * of this program must display Appropriate Legal Notices, as required under * Section 5 of the GNU Affero General Public License version 3. * * In accordance with Section 7(b) of the GNU Affero General Public License version 3, * these Appropriate Legal Notices must retain the display of the "EspoCRM" word. ************************************************************************/ namespace Espo\Core\Utils\Security; use const FILTER_VALIDATE_URL; use const PHP_URL_HOST; class UrlCheck { public function __construct( private HostCheck $hostCheck, ) {} public function isUrl(string $url): bool { return filter_var($url, FILTER_VALIDATE_URL) !== false; } /** * Checks whether a URL does not follow to an internal host. */ public function isNotInternalUrl(string $url): bool { if (!$this->isUrl($url)) { return false; } $host = parse_url($url, PHP_URL_HOST); if (!is_string($host)) { return false; } return $this->hostCheck->isNotInternalHost($host); } }