in src/main/java/org/apache/sling/xss/impl/XSSFilterImpl.java [224:244]
/**
 * Decides whether {@code url} may be used as an href value.
 *
 * <p>An empty or {@code null} URL is accepted. Otherwise the URL is percent-decoded and
 * run through {@code UNICODE_UNESCAPER}. If the unescaper changed the decoded text, that
 * unescaped text is validated; if it changed nothing, the original {@code url} is
 * validated. Either way, HTML entities are unescaped before {@code runHrefValidation}
 * is called.
 *
 * <p>The method fails closed: any exception raised while decoding, unescaping or
 * validating yields {@code false}.
 *
 * @param url the href candidate, treated as untrusted input
 * @return {@code true} if the URL is empty or passes {@code runHrefValidation};
 *         {@code false} if it fails validation or cannot be processed
 */
public boolean isValidHref(String url) {
    // Nothing to validate: an absent or empty href is accepted.
    if (StringUtils.isEmpty(url)) {
        return true;
    }
    try {
        final String percentDecoded = URLDecoder.decode(url, StandardCharsets.UTF_8.name());
        final String unicodeUnescaped = UNICODE_UNESCAPER.translate(percentDecoded);

        // The decoded form is only used to detect unicode escapes hidden behind
        // percent-encoding. When none are found, the validator receives the original,
        // still percent-encoded input.
        // NOTE(review): confirm runHrefValidation copes with percent-encoded input itself.
        final boolean containedUnicodeEscapes = !unicodeUnescaped.equals(percentDecoded);
        final String candidate = containedUnicodeEscapes ? unicodeUnescaped : url;

        // HTML entities are resolved last, so the validator sees the entity-decoded text.
        return runHrefValidation(StringEscapeUtils.unescapeHtml4(candidate));
    } catch (Exception e) {
        // Deliberately broad: a URL that cannot be decoded or validated is rejected.
        logger.warn("Unable to validate url.", e);
        // The raw input is caller-controlled, so it is only written at debug level.
        logger.debug("URL input: {}", url);
        return false;
    }
}