func validateFromURL()

in internal/redirects/validations.go [27:57]

• 21 lines of code
• 12 McCabe index (conditional complexity)

func validateFromURL(urlText string) error {
	fromURL, err := url.Parse(urlText)
	if err != nil {
		return errFailedToParseURL
	}

	// No support for domain level redirects starting with special characters without scheme:
	// - `//google.com`
	// - `/\google.com`
	if (fromURL.Host == "") != (fromURL.Scheme == "") || strings.HasPrefix(fromURL.Path, "/\\") {
		return errNoValidStartingInURLPath
	}

	if fromURL.Scheme != "" && fromURL.Scheme != "http" && fromURL.Scheme != "https" {
		return errNoValidStartingInURLPath
	}

	if fromURL.Scheme == "" && fromURL.Host == "" {
		// No parent traversing relative URL's with `./` or `../`
		// No ambiguous URLs like bare domains `GitLab.com`
		if !strings.HasPrefix(urlText, "/") {
			return errNoValidStartingInURLPath
		}
	}

	if feature.RedirectsPlaceholders.Enabled() && strings.Count(fromURL.Path, "/*") > 1 {
		return errMoreThanOneSplats
	}

	return validateSplatAndPlaceholders(fromURL.Path)
}