| 61 | } |
| 62 | |
| 63 | function isSafeSetupUrlAssignment(options: { |
| 64 | key: string; |
| 65 | separator: string; |
| 66 | rawValue: string; |
| 67 | offset: number; |
| 68 | input: string; |
| 69 | }): boolean { |
| 70 | if (options.key.toLowerCase() !== 'token') return false; |
| 71 | if (!options.separator.includes(':')) return false; |
| 72 | try { |
| 73 | const url = new URL(options.rawValue); |
| 74 | if (url.pathname.replace(/\/+$/, '') !== '/api-keys') return false; |
| 75 | return /(?:^|\b)(?:service\/)?api\s+$/i.test(options.input.slice(0, options.offset)); |
| 76 | } catch { |
| 77 | return false; |
| 78 | } |
| 79 | } |
| 80 | |
| 81 | function redactUrl(value: string): string | null { |
| 82 | try { |