Package org.springframework.ai.bedrock.converse.api

Class URLValidator

java.lang.Object
org.springframework.ai.bedrock.converse.api.URLValidator
public final class URLValidator extends Object
Utility class for detecting and normalizing URLs. Intended for use with multimodal user inputs.
Since:
1.0.0
Author:
Christian Tzolov

  • Method Summary

    Modifier and Type
    Method
    Description
    static void
    assertNoInternalAddress(String host)
    Resolves all IP addresses for the given hostname and throws SecurityException if any resolve to a loopback, link-local, site-local, or wildcard address.
    static boolean
    isBlockedAddress(InetAddress address)
    Returns true if the given address is a loopback, link-local, site-local, or wildcard address.
    static boolean
    isValidURLBasic(String urlString)
    Deprecated.
    This method is not sufficient for security-sensitive URL validation and should not be relied upon for security-critical checks.
    static boolean
    isValidURLStrict(String urlString)
    Thorough validation using URL class More comprehensive but might be slower Validates protocol, host, port, and basic structure
    static @Nullable String
    normalizeURL(@Nullable String urlString)
    Attempts to fix common URL issues Adds protocol if missing, removes extra spaces

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Method Details

    • isValidURLBasic

      @Deprecated public static boolean isValidURLBasic(String urlString)
      Deprecated.
      This method is not sufficient for security-sensitive URL validation and should not be relied upon for security-critical checks. Use isValidURLStrict(String) instead for robust validation.
      Check if the string looks like a URL using a simple regex pattern to disstinct it from base64 or other text. This is a quick check to avoid unnecessary URL parsing for clearly non-URL strings.

    • isValidURLStrict

      public static boolean isValidURLStrict(String urlString)
      Thorough validation using URL class More comprehensive but might be slower Validates protocol, host, port, and basic structure

    • assertNoInternalAddress

      public static void assertNoInternalAddress(String host)
      Resolves all IP addresses for the given hostname and throws SecurityException if any resolve to a loopback, link-local, site-local, or wildcard address. Protects against SSRF via internal network access (including IPv6 equivalents) and limits exposure from DNS rebinding by checking all returned addresses.
      Parameters:
      host - the hostname to check
      Throws:
      SecurityException - if the host resolves to a blocked internal address or cannot be resolved

    • isBlockedAddress

      public static boolean isBlockedAddress(InetAddress address)
      Returns true if the given address is a loopback, link-local, site-local, or wildcard address. Covers both IPv4 and IPv6 private/internal ranges.
      Parameters:
      address - the address to test
      Returns:
      true if the address should be blocked

    • normalizeURL

      public static @Nullable String normalizeURL(@Nullable String urlString)
      Attempts to fix common URL issues Adds protocol if missing, removes extra spaces