SecureUriValidator Class
Abblix.Oidc.Server
Abblix.Oidc.Server.Features.SecureHttpFetch
SecureUriValidator Class
Default ISecureUriValidator implementation: applies the scheme allow-list and the internal-hostname / private-or-reserved IP-literal rules from SecureHttpFetchOptions.
public class SecureUriValidator : Abblix.Oidc.Server.Features.SecureHttpFetch.ISecureUriValidator
Inheritance System.Object → SecureUriValidator
Implements ISecureUriValidator
Constructors
SecureUriValidator(IOptions<SecureHttpFetchOptions>) Constructor
Default ISecureUriValidator implementation: applies the scheme allow-list and the internal-hostname / private-or-reserved IP-literal rules from SecureHttpFetchOptions.
public SecureUriValidator(Microsoft.Extensions.Options.IOptions<Abblix.Oidc.Server.Features.SecureHttpFetch.SecureHttpFetchOptions> options);
Parameters
options Microsoft.Extensions.Options.IOptions<SecureHttpFetchOptions>
Methods
SecureUriValidator.IsInternalHostname(string) Method
Checks if a hostname appears to be internal or non-public.
public static bool IsInternalHostname(string hostname);
Parameters
hostname System.String
Returns
SecureUriValidator.IsPrivateOrReservedAddress(IPAddress) Method
Checks if an IP address is private, loopback, link-local, or otherwise reserved.
public static bool IsPrivateOrReservedAddress(System.Net.IPAddress address);
Parameters
address System.Net.IPAddress
Returns
SecureUriValidator.Validate(Uri) Method
Validates a URI against the configured SSRF policy without resolving DNS.
public string? Validate(System.Uri uri);
Parameters
uri System.Uri
The URI to validate.
Implements Validate(Uri)
Returns
System.String
null when the URI is allowed; otherwise a human-readable reason for the rejection.