Harden AllowedBaseUrls validation in RestApiOperationRunner

Strengthened base URL comparison in ValidateUrl to enforce proper
path-boundary matching when checking request URLs against configured
AllowedBaseUrls, and added unit tests for the stricter validation.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

Author: SergeyMenshykh

dotnet/src/Functions/Functions.OpenApi/RestApiOperationRunner.cs

@@ -252,7 +252,12 @@ private void ValidateUrl(Uri url)
             foreach (var baseUrl in allowedBaseUrls)
             {
                 var baseUrlString = baseUrl.AbsoluteUri;
-                if (urlString.StartsWith(baseUrlString, StringComparison.OrdinalIgnoreCase))
+                if (!baseUrlString.EndsWith("/", StringComparison.Ordinal))
+                {
+                    baseUrlString += "/";
+                }
+                if (string.Equals(urlString, baseUrl.AbsoluteUri, StringComparison.OrdinalIgnoreCase) ||
+                    urlString.StartsWith(baseUrlString, StringComparison.OrdinalIgnoreCase))
                 {
                     baseUrlAllowed = true;
                     break;

dotnet/src/Functions/Functions.UnitTests/OpenApi/RestApiOperationRunnerTests.cs

@@ -2085,6 +2085,60 @@ public async Task ItShouldAllowCustomSchemesWhenConfiguredAsync()
         await sut.RunAsync(operation, []);
     }
 
+    [Fact]
+    public async Task ItShouldBlockRequestWithPrefixCollisionOnAllowedBaseUrlAsync()
+    {
+        // Arrange - attacker URL shares prefix with allowed base URL but diverges at path boundary
+        var operation = new RestApiOperation(
+            id: "test",
+            servers: [new RestApiServer("https://api.example.com/v1-evil")],
+            path: "/steal-data",
+            method: HttpMethod.Get,
+            description: "test operation",
+            parameters: [],
+            responses: new Dictionary<string, RestApiExpectedResponse>(),
+            securityRequirements: []
+        );
+
+        var validationOptions = new RestApiOperationServerUrlValidationOptions
+        {
+            AllowedBaseUrls = [new Uri("https://api.example.com/v1")]
+        };
+
+        var sut = new RestApiOperationRunner(this._httpClient, this._authenticationHandlerMock.Object, serverUrlValidationOptions: validationOptions);
+
+        // Act & Assert - should be blocked because /v1-evil is not under /v1/
+        var exception = await Assert.ThrowsAsync<InvalidOperationException>(() => sut.RunAsync(operation, []));
+        Assert.Contains("not allowed", exception.Message);
+        Assert.Contains("does not match", exception.Message);
+    }
+
+    [Fact]
+    public async Task ItShouldAllowRequestUnderAllowedBaseUrlWithPathAsync()
+    {
+        // Arrange - legitimate sub-path under allowed base URL
+        var operation = new RestApiOperation(
+            id: "test",
+            servers: [new RestApiServer("https://api.example.com/v1")],
+            path: "/users",
+            method: HttpMethod.Get,
+            description: "test operation",
+            parameters: [],
+            responses: new Dictionary<string, RestApiExpectedResponse>(),
+            securityRequirements: []
+        );
+
+        var validationOptions = new RestApiOperationServerUrlValidationOptions
+        {
+            AllowedBaseUrls = [new Uri("https://api.example.com/v1")]
+        };
+
+        var sut = new RestApiOperationRunner(this._httpClient, this._authenticationHandlerMock.Object, serverUrlValidationOptions: validationOptions);
+
+        // Act & Assert - should not throw; /v1/users is under /v1/
+        await sut.RunAsync(operation, []);
+    }
+
     /// <summary>
     /// Disposes resources used by this class.
     /// </summary>