Function: tryGetSafeThirdPartyHttpUrl()

tryGetSafeThirdPartyHttpUrl(rawUrl: string): string | null

Defined in: shared/utils/urlSafety.ts:630

Returns a sanitized HTTP(S) URL safe to send to third-party services.

Parameters

rawUrl

string

Untrusted URL candidate.

Returns

string | null

A safe URL string, or null when the input should not be sent.

Remarks

This is stricter than getSafeUrlForLogging because the output must be a valid URL that a third-party can request.

• Allows only http: and https:.
• Rejects credentials.
• Rejects CR/LF and ASCII control characters.
• Rejects private/local hostnames (see isPrivateNetworkHostname).
• Strips query string and hash.
• Redacts suspiciously-long path segments to reduce secret leakage.