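namespace SharepointToolbox.Web.Core.Helpers;

/// <summary>
/// Extension methods on <see cref="string"/>.
/// </summary>
public static class StringExtensions
{
    /// <summary>
    /// Trims <paramref name="s"/>; null, empty and whitespace-only input all map to <c>null</c>.
    /// </summary>
    /// <param name="s">The value to trim; may be <c>null</c>.</param>
    /// <returns>The trimmed string, or <c>null</c> when nothing but whitespace was supplied.</returns>
    public static string? TrimOrNull(this string? s) =>
        string.IsNullOrWhiteSpace(s) ? null : s.Trim();

    /// <summary>
    /// Returns <paramref name="returnUrl"/> only when it is a safe site-relative path,
    /// otherwise "/". Rejects absolute URLs and protocol-relative paths ("//evil.com",
    /// "/\evil.com") so a post-auth / post-connect redirect can never leave the app.
    /// Used by every login and OAuth-connect redirect to prevent open redirects.
    /// </summary>
    /// <remarks>
    /// The check is purely syntactic and the accepted value is returned unchanged: it is
    /// not decoded, normalised or checked against existing routes. Values containing
    /// control characters are rejected as well, because a URL parser that drops tabs or
    /// line breaks could otherwise collapse the path into a protocol-relative one.
    /// Callers should redirect to the returned value as-is; decoding or concatenating it
    /// afterwards would bypass this validation.
    /// </remarks>
    /// <param name="returnUrl">Untrusted return URL, typically taken from the query string.</param>
    /// <returns><paramref name="returnUrl"/> when it passes validation; otherwise "/".</returns>
    public static string ToLocalReturnUrl(this string? returnUrl)
    {
        const string Fallback = "/";

        // Anything that does not start with a single '/' is not site-relative
        // (absolute URL, scheme-only, relative segment, null or empty).
        if (string.IsNullOrEmpty(returnUrl) || returnUrl[0] != '/')
        {
            return Fallback;
        }

        // "//host" and "/\host" are treated as protocol-relative by browsers.
        if (returnUrl.Length > 1 && (returnUrl[1] is '/' or '\\'))
        {
            return Fallback;
        }

        // Control characters never belong in a redirect target; rejecting them also
        // keeps CR/LF out of the Location header.
        foreach (char c in returnUrl)
        {
            if (char.IsControl(c))
            {
                return Fallback;
            }
        }

        return returnUrl;
    }
}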