Skip to main content

SecureUriValidator Class

Abblix.Oidc.Server

Abblix.Oidc.Server.Features.SecureHttpFetch

SecureUriValidator Class

Default ISecureUriValidator implementation: applies the scheme allow-list and the internal-hostname / private-or-reserved IP-literal rules from SecureHttpFetchOptions.

public class SecureUriValidator : Abblix.Oidc.Server.Features.SecureHttpFetch.ISecureUriValidator

Inheritance System.Object → SecureUriValidator

Implements ISecureUriValidator

Constructors

SecureUriValidator(IOptions<SecureHttpFetchOptions>) Constructor

Default ISecureUriValidator implementation: applies the scheme allow-list and the internal-hostname / private-or-reserved IP-literal rules from SecureHttpFetchOptions.

public SecureUriValidator(Microsoft.Extensions.Options.IOptions<Abblix.Oidc.Server.Features.SecureHttpFetch.SecureHttpFetchOptions> options);

Parameters

options Microsoft.Extensions.Options.IOptions<SecureHttpFetchOptions>

Methods

SecureUriValidator.IsInternalHostname(string) Method

Checks if a hostname appears to be internal or non-public.

public static bool IsInternalHostname(string hostname);

Parameters

hostname System.String

Returns

System.Boolean

SecureUriValidator.IsPrivateOrReservedAddress(IPAddress) Method

Checks if an IP address is private, loopback, link-local, or otherwise reserved.

public static bool IsPrivateOrReservedAddress(System.Net.IPAddress address);

Parameters

address System.Net.IPAddress

Returns

System.Boolean

SecureUriValidator.Validate(Uri) Method

Validates a URI against the configured SSRF policy without resolving DNS.

public string? Validate(System.Uri uri);

Parameters

uri System.Uri

The URI to validate.

Implements Validate(Uri)

Returns

System.String
null when the URI is allowed; otherwise a human-readable reason for the rejection.