function url_is_external
7.x common.inc | url_is_external($path) |
Returns TRUE if a path is external to Drupal (e.g. http://example.com).
If a path cannot be assessed by Drupal's menu handler, then we must treat it as potentially insecure.
Parameters
$path: The internal path or external URL being linked to, such as "node/34" or "http://example.com/foo".
Return value
Boolean TRUE or FALSE, where TRUE indicates an external path.
8 calls to url_is_external()
- CommonURLUnitTest::testDrupalParseUrl in drupal-7.x/
modules/ simpletest/ tests/ common.test - Test drupal_parse_url().
- drupal_goto in drupal-7.x/
includes/ common.inc - Sends the user to a different page.
- drupal_valid_path in drupal-7.x/
includes/ path.inc - Checks a path exists and the current user has access to it.
- form_builder in drupal-7.x/
includes/ form.inc - Builds and processes all elements in the structured form array.
- menu_edit_item_validate in drupal-7.x/
modules/ menu/ menu.admin.inc - Validate form values for a menu link being added or edited.
File
- drupal-7.x/
includes/ common.inc, line 2311 - Common functions that many Drupal modules will need to reference.
Code
function url_is_external($path) {
$colonpos = strpos($path, ':');
// Avoid calling drupal_strip_dangerous_protocols() if there is any
// slash (/), hash (#) or question_mark (?) before the colon (:)
// occurrence - if any - as this would clearly mean it is not a URL.
return $colonpos !== FALSE && !preg_match('![/?#]!', substr($path, 0, $colonpos)) && drupal_strip_dangerous_protocols($path) == $path;
}