MCPcopy Index your code
hub / github.com/docker/docker-agent / validate

Function validate

pkg/browser/browser.go:55–70  ·  view source on GitHub ↗

validate rejects inputs that are unsafe to hand to the platform "open" helper (open, xdg-open, rundll32). Those helpers receive the URL as a positional argument, so a value beginning with "-" would be parsed as a command-line flag rather than a URL (argument injection). This matters now that URLs ca

(raw string)

Source from the content-addressed store, hash-verified

53// "docker-desktop://" — since restricting to http(s) would defeat deep-link
54// use cases.
55func validate(raw string) error {
56 if raw == "" {
57 return errors.New("empty URL")
58 }
59 if strings.HasPrefix(raw, "-") {
60 return fmt.Errorf("refusing to open URL that looks like a command-line flag: %q", raw)
61 }
62 u, err := url.Parse(raw)
63 if err != nil {
64 return fmt.Errorf("invalid URL %q: %w", raw, err)
65 }
66 if u.Scheme == "" {
67 return fmt.Errorf("URL must include a scheme (e.g. https://): %q", raw)
68 }
69 return nil
70}

Callers 3

TestValidateFunction · 0.85
OpenFunction · 0.85
ParseRerankScoresFunction · 0.85

Calls 2

ParseMethod · 0.80
NewMethod · 0.45

Tested by 1

TestValidateFunction · 0.68