From 65aaea4097f571923db812fd5d5ad80e5b273f60 Mon Sep 17 00:00:00 2001
From: Joshua Ramon Enslin <joshua@museum-digital.de>
Date: Wed, 30 Mar 2022 13:03:04 +0200
Subject: [PATCH] Check links for using an accepted scheme during validation
 (http, https, ftp)

---
 src/MD_STD_IN.php | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/MD_STD_IN.php b/src/MD_STD_IN.php
index dafc430..f530c70 100644
--- a/src/MD_STD_IN.php
+++ b/src/MD_STD_IN.php
@@ -202,6 +202,11 @@ final class MD_STD_IN {
             throw new MDInvalidUrl("Invalid input URL");
         }
 
+        // Check for valid schemes
+        if (MD_STD::startsWithAny($input, ['https://', 'http://', 'ftp://']) === false) {
+            throw new MDInvalidUrl("Invalid input URL");
+        }
+
         return $output;
 
     }