public static function UrlHelper::externalIsLocal in Drupal 10
Same name and namespace in other branches
- 8 core/lib/Drupal/Component/Utility/UrlHelper.php \Drupal\Component\Utility\UrlHelper::externalIsLocal()
- 9 core/lib/Drupal/Component/Utility/UrlHelper.php \Drupal\Component\Utility\UrlHelper::externalIsLocal()
Determines if an external URL points to this installation.
Parameters
string $url: A string containing an external URL, such as "http://example.com/foo".
string $base_url: The base URL string to check against, such as "http://example.com/"
Return value
bool TRUE if the URL has the same domain and base path.
Throws
\InvalidArgumentException Exception thrown when either $url or $base_url are not fully qualified.
4 calls to UrlHelper::externalIsLocal()
- FileUrlGenerator::generate in core/
lib/ Drupal/ Core/ File/ FileUrlGenerator.php - LocalAwareRedirectResponseTrait::isLocal in core/
lib/ Drupal/ Core/ Routing/ LocalAwareRedirectResponseTrait.php - Determines whether a path is local.
- UrlHelperTest::testExternalIsLocal in core/
tests/ Drupal/ Tests/ Component/ Utility/ UrlHelperTest.php - Tests detecting external urls that point to local resources.
- UrlHelperTest::testExternalIsLocalInvalid in core/
tests/ Drupal/ Tests/ Component/ Utility/ UrlHelperTest.php - Tests invalid url arguments.
File
- core/
lib/ Drupal/ Component/ Utility/ UrlHelper.php, line 247
Class
- UrlHelper
- Helper class URL based methods.
Namespace
Drupal\Component\UtilityCode
public static function externalIsLocal($url, $base_url) {
// Some browsers treat \ as / so normalize to forward slashes.
$url = str_replace('\\', '/', $url);
// Leading control characters may be ignored or mishandled by browsers, so
// assume such a path may lead to a non-local location. The \p{C} character
// class matches all UTF-8 control, unassigned, and private characters.
if (preg_match('/^\\p{C}/u', $url) !== 0) {
return FALSE;
}
$url_parts = parse_url($url);
$base_parts = parse_url($base_url);
if (empty($base_parts['host']) || empty($url_parts['host'])) {
throw new \InvalidArgumentException('A path was passed when a fully qualified domain was expected.');
}
if (!isset($url_parts['path']) || !isset($base_parts['path'])) {
return (!isset($base_parts['path']) || $base_parts['path'] == '/') && $url_parts['host'] == $base_parts['host'];
}
else {
// When comparing base paths, we need a trailing slash to make sure a
// partial URL match isn't occurring. Since base_path() always returns
// with a trailing slash, we don't need to add the trailing slash here.
return $url_parts['host'] == $base_parts['host'] && stripos($url_parts['path'], $base_parts['path']) === 0;
}
}