Function: validateOAuthAuthorizeUrl()
function validateOAuthAuthorizeUrl(args: {
allowedHosts?: readonly string[];
providerName: string;
url: string;
}): {
normalizedUrl: string;
urlForLog: string;
};
Defined in: electron/services/cloud/providers/oauthAuthorizeUrl.ts:26
Validates an OAuth authorization URL before opening it via
shell.openExternal.
Parameters
args
Provider name and candidate URL.
allowedHosts?
readonly string[]
providerName
string
url
string
Returns
{
normalizedUrl: string;
urlForLog: string;
}
normalizedUrl
normalizedUrl: string;
urlForLog
urlForLog: string;
Remarks
OAuth authorization URLs are rendered in the user's external browser, not inside the Electron renderer. Even so, the URL is derived from an external provider SDK and must be treated as untrusted input.
This helper centralizes validation so Dropbox/Google/etc cannot drift in what they accept.
Policy:
- Must be a valid external-open URL per validateExternalOpenUrlCandidateWithPolicy
- Must use
https: