internal static bool IsSafeUrl(string urlString, HttpRequest httpRequest)
{
if (string.IsNullOrEmpty(urlString))
{
return(false);
}
Uri uri;
if (null == (uri = Utilities.TryParseUri(urlString)))
{
return(false);
}
string scheme = uri.Scheme;
if (string.IsNullOrEmpty(scheme))
{
return(false);
}
if (!Uri.CheckSchemeName(scheme) || !TextConvertersInternalHelpers.IsUrlSchemaSafe(scheme))
{
return(false);
}
if (Redir.IsHttpOrHttps(scheme))
{
string text = httpRequest.ServerVariables["HTTP_HOST"];
return(!string.IsNullOrEmpty(text) && Redir.CheckHostNameWithHttpHost(urlString, uri, text));
}
return(true);
}
internal static bool IsSafeUrl(string urlString)
{
if (string.IsNullOrEmpty(urlString))
{
return(false);
}
Uri uri;
if (null == (uri = UrlUtilities.TryParseUri(urlString)))
{
return(false);
}
string scheme = uri.Scheme;
return(!string.IsNullOrEmpty(scheme) && Uri.CheckSchemeName(scheme) && TextConvertersInternalHelpers.IsUrlSchemaSafe(scheme));
}
