{"type":"rich","version":"1.0","provider_name":"phorkie","provider_url":"https:\/\/p.cweiske.de\/","title":"Laravel 8: Validate that URL is a local URL","author_name":"Christian Weiske","cache_age":86400,"width":900,"height":900,"html":"<!-- embedding all files of https:\/\/p.cweiske.de\/910 -->\n<link rel=\"stylesheet\" href=\"https:\/\/p.cweiske.de\/css\/embed.css\"\/>\n<div class=\"phork\" id=\"910\">\n    <div class=\"phork-file\">\n <div class=\"phork-content\">\n  \n<div class=\"document\">\n\n\n<p>To prevent redirects to external URLs after Login.<\/p>\n<p><a class=\"reference external\" href=\"https:\/\/cheatsheetseries.owasp.org\/cheatsheets\/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html\">https:\/\/cheatsheetseries.owasp.org\/cheatsheets\/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html<\/a><\/p>\n<\/div>\n\n <\/div>\n <div class=\"phork-meta\">\n  <a href=\"https:\/\/p.cweiske.de\/910\/rev-raw\/82038f722970adf6cd71c8447f22c72b45487f38\/README.rst\" style=\"float: right\">view raw source<\/a>\n  <a href=\"https:\/\/p.cweiske.de\/910#README.rst\">README.rst<\/a>\n <\/div>\n<\/div>\n    <div class=\"phork-file\">\n <div class=\"phork-content\">\n  <style type=\"text\/css\">\/**\n * GeSHi (C) 2004 - 2007 Nigel McNie, 2007 - 2014 Benny Baumann\n * (http:\/\/qbnz.com\/highlighter\/ and http:\/\/geshi.org\/)\n *\/\n.php .de1, .php .de2 {font: normal normal 1em\/1.2em monospace; margin:0; padding:0; background:none; vertical-align:top;}\n.php  {font-family:monospace;}\n.php .imp {font-weight: bold; color: red;}\n.php li, .php .li1 {color: #DDD;}\n.php .ln {width:1px;text-align:right;margin:0;padding:0 2px;vertical-align:top;}\n.php .kw1 {color: #b1b100;}\n.php .kw2 {color: #000000; font-weight: bold;}\n.php .kw3 {color: #990000;}\n.php .kw4 {color: #009900; font-weight: bold;}\n.php .co1 {color: #666666; font-style: italic;}\n.php .co2 {color: #666666; font-style: italic;}\n.php .co3 {color: #0000cc; font-style: italic;}\n.php .co4 {color: #009933; font-style: italic;}\n.php .coMULTI {color: #666666; font-style: italic;}\n.php .es0 {color: #000099; font-weight: bold;}\n.php .es1 {color: #000099; font-weight: bold;}\n.php .es2 {color: #660099; font-weight: bold;}\n.php .es3 {color: #660099; font-weight: bold;}\n.php .es4 {color: #006699; font-weight: bold;}\n.php .es5 {color: #006699; font-weight: bold; font-style: italic;}\n.php .es6 {color: #009933; font-weight: bold;}\n.php .es_h {color: #000099; font-weight: bold;}\n.php .br0 {color: #009900;}\n.php .sy0 {color: #339933;}\n.php .sy1 {color: #000000; font-weight: bold;}\n.php .st0 {color: #0000ff;}\n.php .st_h {color: #0000ff;}\n.php .nu0 {color: #cc66cc;}\n.php .nu8 {color: #208080;}\n.php .nu12 {color: #208080;}\n.php .nu19 {color:#800080;}\n.php .me1 {color: #004000;}\n.php .me2 {color: #004000;}\n.php .re0 {color: #000088;}\n.php span.xtra { display:block; }\n<\/style><div class=\"code\"><table class=\"php\"><tbody><tr class=\"li1\"><td class=\"ln\"><pre class=\"de1\">1\n2\n3\n4\n5\n6\n7\n8\n9\n10\n11\n12\n13\n14\n15\n16\n17\n18\n19\n20\n21\n22\n23\n24\n25\n26\n27\n28\n29\n30\n31\n32\n33\n34\n35\n36\n37\n38\n39\n40\n41\n42\n43\n44\n45\n46\n47\n48\n49\n50\n51\n52\n<\/pre><\/td><td class=\"de1\"><pre class=\"de1\"><span class=\"kw2\">&lt;?php<\/span>\n&#160;\n<span class=\"kw2\">namespace<\/span> App\\Rules<span class=\"sy0\">;<\/span>\n&#160;\n<span class=\"kw2\">use<\/span> Illuminate\\Contracts\\Validation\\Rule<span class=\"sy0\">;<\/span>\n<span class=\"kw2\">use<\/span> Illuminate\\Validation\\Validator<span class=\"sy0\">;<\/span>\n&#160;\n<span class=\"co4\">\/**<\/span>\n<span class=\"co4\">&#160;* Check if the given URL has the current local domain name<\/span>\n<span class=\"co4\">&#160;*\/<\/span>\n<span class=\"kw2\">class<\/span> LocalUrl <span class=\"kw2\">implements<\/span> Rule\n<span class=\"br0\">&#123;<\/span>\n&#160; &#160; <span class=\"kw2\">public<\/span> <span class=\"kw2\">function<\/span> validate<span class=\"br0\">&#40;<\/span>string <span class=\"re0\">$attribute<\/span><span class=\"sy0\">,<\/span> <span class=\"re0\">$value<\/span><span class=\"sy0\">,<\/span> <span class=\"re0\">$params<\/span><span class=\"sy0\">,<\/span> Validator <span class=\"re0\">$validator<\/span><span class=\"br0\">&#41;<\/span>\n&#160; &#160; <span class=\"br0\">&#123;<\/span>\n&#160; &#160; &#160; &#160; <span class=\"kw1\">return<\/span> <span class=\"re0\">$this<\/span><span class=\"sy0\">-&gt;<\/span><span class=\"me1\">passes<\/span><span class=\"br0\">&#40;<\/span><span class=\"re0\">$attribute<\/span><span class=\"sy0\">,<\/span> <span class=\"re0\">$value<\/span><span class=\"br0\">&#41;<\/span><span class=\"sy0\">;<\/span>\n&#160; &#160; <span class=\"br0\">&#125;<\/span>\n&#160;\n&#160; &#160; <span class=\"co4\">\/**<\/span>\n<span class=\"co4\">&#160; &#160; &#160;* Determine if the validation rule passes.<\/span>\n<span class=\"co4\">&#160; &#160; &#160;*<\/span>\n<span class=\"co4\">&#160; &#160; &#160;* @param &#160;string &#160;$attribute<\/span>\n<span class=\"co4\">&#160; &#160; &#160;* @param &#160;mixed &#160;$value<\/span>\n<span class=\"co4\">&#160; &#160; &#160;* @return bool<\/span>\n<span class=\"co4\">&#160; &#160; &#160;*\/<\/span>\n&#160; &#160; <span class=\"kw2\">public<\/span> <span class=\"kw2\">function<\/span> passes<span class=\"br0\">&#40;<\/span><span class=\"re0\">$attribute<\/span><span class=\"sy0\">,<\/span> <span class=\"re0\">$value<\/span><span class=\"br0\">&#41;<\/span>\n&#160; &#160; <span class=\"br0\">&#123;<\/span>\n&#160; &#160; &#160; &#160; <span class=\"re0\">$currentUrl<\/span> <span class=\"sy0\">=<\/span> \\URL<span class=\"sy0\">::<\/span><a href=\"http:\/\/www.php.net\/current\"><span class=\"kw3\">current<\/span><\/a><span class=\"br0\">&#40;<\/span><span class=\"br0\">&#41;<\/span><span class=\"sy0\">;<\/span>\n&#160; &#160; &#160; &#160; <span class=\"re0\">$currentParts<\/span> <span class=\"sy0\">=<\/span> <span class=\"re0\">$this<\/span><span class=\"sy0\">-&gt;<\/span><span class=\"me1\">getRelevantParts<\/span><span class=\"br0\">&#40;<\/span><a href=\"http:\/\/www.php.net\/parse_url\"><span class=\"kw3\">parse_url<\/span><\/a><span class=\"br0\">&#40;<\/span><span class=\"re0\">$currentUrl<\/span><span class=\"br0\">&#41;<\/span><span class=\"br0\">&#41;<\/span><span class=\"sy0\">;<\/span>\n&#160; &#160; &#160; &#160; <span class=\"re0\">$targetParts<\/span> &#160;<span class=\"sy0\">=<\/span> <span class=\"re0\">$this<\/span><span class=\"sy0\">-&gt;<\/span><span class=\"me1\">getRelevantParts<\/span><span class=\"br0\">&#40;<\/span><a href=\"http:\/\/www.php.net\/parse_url\"><span class=\"kw3\">parse_url<\/span><\/a><span class=\"br0\">&#40;<\/span><span class=\"re0\">$value<\/span><span class=\"br0\">&#41;<\/span><span class=\"br0\">&#41;<\/span><span class=\"sy0\">;<\/span>\n&#160; &#160; &#160; &#160; <span class=\"kw1\">return<\/span> <span class=\"re0\">$currentParts<\/span> <span class=\"sy0\">==<\/span> <span class=\"re0\">$targetParts<\/span><span class=\"sy0\">;<\/span>\n&#160; &#160; <span class=\"br0\">&#125;<\/span>\n&#160;\n&#160; &#160; <span class=\"kw2\">protected<\/span> <span class=\"kw2\">function<\/span> getRelevantParts<span class=\"br0\">&#40;<\/span><a href=\"http:\/\/www.php.net\/array\"><span class=\"kw3\">array<\/span><\/a> <span class=\"re0\">$urlParts<\/span><span class=\"br0\">&#41;<\/span>\n&#160; &#160; <span class=\"br0\">&#123;<\/span>\n&#160; &#160; &#160; &#160; <span class=\"kw1\">return<\/span> <span class=\"br0\">&#91;<\/span>\n&#160; &#160; &#160; &#160; &#160; &#160; <span class=\"st_h\">'scheme'<\/span> <span class=\"sy0\">=&gt;<\/span> <span class=\"re0\">$urlParts<\/span><span class=\"br0\">&#91;<\/span><span class=\"st_h\">'scheme'<\/span><span class=\"br0\">&#93;<\/span> ?? <span class=\"kw4\">null<\/span><span class=\"sy0\">,<\/span>\n&#160; &#160; &#160; &#160; &#160; &#160; <span class=\"st_h\">'host'<\/span> &#160; <span class=\"sy0\">=&gt;<\/span> <span class=\"re0\">$urlParts<\/span><span class=\"br0\">&#91;<\/span><span class=\"st_h\">'host'<\/span><span class=\"br0\">&#93;<\/span> ?? <span class=\"kw4\">null<\/span><span class=\"sy0\">,<\/span>\n&#160; &#160; &#160; &#160; &#160; &#160; <span class=\"st_h\">'port'<\/span> &#160; <span class=\"sy0\">=&gt;<\/span> <span class=\"re0\">$urlParts<\/span><span class=\"br0\">&#91;<\/span><span class=\"st_h\">'port'<\/span><span class=\"br0\">&#93;<\/span> ?? <span class=\"kw4\">null<\/span><span class=\"sy0\">,<\/span>\n&#160; &#160; &#160; &#160; <span class=\"br0\">&#93;<\/span><span class=\"sy0\">;<\/span>\n&#160; &#160; <span class=\"br0\">&#125;<\/span>\n&#160;\n&#160; &#160; <span class=\"co4\">\/**<\/span>\n<span class=\"co4\">&#160; &#160; &#160;* Get the validation error message.<\/span>\n<span class=\"co4\">&#160; &#160; &#160;*<\/span>\n<span class=\"co4\">&#160; &#160; &#160;* @return string<\/span>\n<span class=\"co4\">&#160; &#160; &#160;*\/<\/span>\n&#160; &#160; <span class=\"kw2\">public<\/span> <span class=\"kw2\">function<\/span> message<span class=\"br0\">&#40;<\/span><span class=\"br0\">&#41;<\/span>\n&#160; &#160; <span class=\"br0\">&#123;<\/span>\n&#160; &#160; &#160; &#160; <span class=\"kw1\">return<\/span> <span class=\"st_h\">'Redirects to external URLs are not supported.'<\/span><span class=\"sy0\">;<\/span>\n&#160; &#160; <span class=\"br0\">&#125;<\/span>\n<span class=\"br0\">&#125;<\/span>\n&#160;<\/pre><\/td><\/tr><\/tbody><\/table><\/div>\n <\/div>\n <div class=\"phork-meta\">\n  <a href=\"https:\/\/p.cweiske.de\/910\/rev-raw\/82038f722970adf6cd71c8447f22c72b45487f38\/app\/Rules\/LocalUrl.php\" style=\"float: right\">view raw source<\/a>\n  <a href=\"https:\/\/p.cweiske.de\/910#app\/Rules\/LocalUrl.php\">app\/Rules\/LocalUrl.php<\/a>\n <\/div>\n<\/div>\n<\/div>\n"}