Add validation for scheme
All checks were successful
continuous-integration/drone/push Build is passing

This commit is contained in:
Tyler 2019-10-16 19:35:11 -04:00
parent 3bd0ce72a5
commit 3f71e11018

View File

@ -58,6 +58,10 @@ func (api *LinkInfoApi) DefaultLinkHandler(link string) (*LinkInfo, error) {
return nil, err
}
if u.Scheme != "http" && u.Scheme != "https" {
return nil, errors.New("unsupported scheme")
}
if u.Host == "localhost" {
return nil, errors.New("url is localhost")
} else if ip := net.ParseIP(u.Host); ip != nil && isPrivateIP(ip) {