is-absolute-url

is-absolute-url

Check if a URL is absolute

Install

npm install is-absolute-url

Usage

import isAbsoluteUrl from 'is-absolute-url';

isAbsoluteUrl('https://sindresorhus.com/foo/bar');
//=> true

isAbsoluteUrl('//sindresorhus.com');
//=> false

isAbsoluteUrl('foo/bar');
//=> false

isAbsoluteUrl('javascript:alert(1)');
//=> false

isAbsoluteUrl('javascript:alert(1)', {httpOnly: false});
//=> true

API

isAbsoluteUrl(url, options?)

url

Type: string

The URL to check.

options

Type: object

httpOnly

Type: boolean
Default: true

Only allow HTTP(S) protocols.

When set to false, any valid absolute URL will be accepted, including potentially unsafe protocols like javascript:, ftp:, ws:, etc.

Warning: Setting httpOnly to false can pose security risks as it will return true for URLs with protocols like javascript:, vbscript:, data:, ftp:, ws:, etc. Only set this to false if you understand the implications and have appropriate safeguards in place.

Related

See is-relative-url for the inverse.

Similar packages

Other packages similar to is-absolute-url

is-url

The 'is-url' package checks if a string is a URL. It is similar to 'is-absolute-url' but does not specifically focus on absolute URLs, making it broader in scope but less specialized for checking absolute URLs.

valid-url

The 'valid-url' package provides methods to validate URLs and check if they are absolute. It offers more comprehensive URL validation features compared to 'is-absolute-url', which strictly checks for absolute URLs.