Function validate_return_url

pub fn validate_return_url(url: &str) -> bool

Validate that a return URL is a safe relative path

This function prevents open redirect attacks by ensuring the URL:

  1. Is URL-decoded to prevent encoding bypasses
  2. Is a relative path starting with exactly one /
  3. Does not contain protocol-relative URLs (//) or absolute URLs
  4. Does not contain backslashes (which some browsers treat as forward slashes)
  5. Parses correctly as a relative URL

§Security

This function defends against various open redirect attack vectors:

  • URL encoding bypasses: /%2F/evil.com (decodes to a path with a leading //, like //evil.com)
  • Protocol-relative URLs: //evil.com
  • Absolute URLs: https://evil.com
  • Backslash variants: /\evil.com (some browsers normalize to //evil.com)
  • Encoded protocols: /http%3A%2F%2Fevil.com
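
Why decoding comes before the prefix checks, shown as an added std-only sketch (not the micromegas_auth implementation): a raw-string prefix test beside a decode-then-check version, run over the vectors listed above. The names `percent_decode`, `naive_is_relative` and `sketch_validate` are hypothetical, step 5 (the relative-URL parse) is omitted, and rejecting `//` anywhere in the decoded string is this sketch's reading of rule 3.

```rust
// Added illustration (std only); not the micromegas_auth implementation.

/// Decode one layer of percent-encoding; None on malformed escapes or bad UTF-8.
fn percent_decode(s: &str) -> Option<String> {
    let bytes = s.as_bytes();
    let mut out = Vec::with_capacity(bytes.len());
    let mut i = 0;
    while i < bytes.len() {
        if bytes[i] == b'%' {
            let hex = s.get(i + 1..i + 3)?; // needs two more chars
            if !hex.bytes().all(|c| c.is_ascii_hexdigit()) {
                return None;
            }
            out.push(u8::from_str_radix(hex, 16).ok()?);
            i += 3;
        } else {
            out.push(bytes[i]);
            i += 1;
        }
    }
    String::from_utf8(out).ok()
}

/// Prefix test on the raw string: what the decode and backslash checks replace.
fn naive_is_relative(url: &str) -> bool {
    url.starts_with('/') && !url.starts_with("//")
}

/// Hypothetical sketch of checks 1-4; step 5 (relative-URL parse) is omitted.
fn sketch_validate(url: &str) -> bool {
    match percent_decode(url) {
        Some(d) => d.starts_with('/') && !d.contains("//") && !d.contains('\\'),
        None => false,
    }
}

fn main() {
    // Constructed inputs, taken from the vectors listed on this page.
    let samples = ["/dashboard", "/path%20with%20spaces", "//evil.com",
        "/%2F/evil.com", "/http%3A%2F%2Fevil.com", "/\\evil.com"];
    for s in samples {
        println!("{:<26} naive={:<5} sketch={:<5} decoded={:?}",
            s, naive_is_relative(s), sketch_validate(s), percent_decode(s));
    }
}
```

The raw prefix test accepts the encoded and backslash vectors because the dangerous characters only appear after decoding or browser normalization; the decode-first version rejects them along with malformed escapes.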

§Examples

use micromegas_auth::url_validation::validate_return_url;

// Valid relative paths
assert!(validate_return_url("/"));
assert!(validate_return_url("/dashboard"));
assert!(validate_return_url("/path/to/resource?query=value"));
assert!(validate_return_url("/path%20with%20spaces"));

// Invalid: absolute URLs
assert!(!validate_return_url("https://evil.com"));
assert!(!validate_return_url("//evil.com"));

// Invalid: URL-encoded open redirect attempts
assert!(!validate_return_url("/%2F/evil.com"));
assert!(!validate_return_url("/http%3A%2F%2Fevil.com"));

// Invalid: backslash variants
assert!(!validate_return_url("/\\evil.com"));