openzeppelin_relayer::utils

Function validate_safe_url

Source 
pub fn validate_safe_url(
    url: &str,
    allowed_hosts: &[String],
    block_private: bool,
) -> Result<(), String>
Expand description

Validates an RPC URL against security policies

§Arguments

  • url - The RPC URL to validate
  • allowed_hosts - List of explicitly allowed hostnames/IPs (if non-empty, only these are allowed)
  • block_private - If true, block private IP addresses

§Security Notes

  • Cloud metadata endpoints (169.254.169.254, fd00:ec2::254) are ALWAYS blocked
  • If allowed_hosts is non-empty, only hosts in the list are permitted

§Returns

  • Ok(()) if the URL passes validation
  • Err(String) with a description of why validation failed