882 spike validating urls

[meghac538]

Created PR for #882

PR topped over #862

The LCW now has a centralized, generalizable approach to URL validation that addresses:

• Correct regex patterns for valid URLs
• Security checks for malicious/phishing URLs

[alexfigtree]

@meghac538 Please address merge conflicts

[dmitrizagidulin]

@meghac538 I'd be happy to screenshare and walk you through handling rebasing and conflict resolution, if you'd like / if it's helpful.

[meghac538]

@meghac538 I'd be happy to screenshare and walk you through handling rebasing and conflict resolution, if you'd like / if it's helpful.

Hi @dmitrizagidulin, I usually rebase using GitHub Desktop, resolving any conflicts commit by commit with the main branch. I’ve done it this way before on this project as well.
Just wanted to confirm if this is the right approach, or if you’d recommend handling it differently. I’d also really appreciate it if you could walk me through rebasing and conflict resolution sometime!

[dmitrizagidulin]

@meghac538 thanks for checking -- that works fine! (re github desktop, etc)

[meghac538]

@alexfigtree After reviewing the current branch, I’ve identified that the primary functionality suitable for inclusion in the shared library would be:

validateUrl() – Core URL validation with protocol enforcement
isUrlSuspicious() – Security checks for detecting potentially malicious URLs

To maintain consistency with Verifier Plus, we may need to install the validator package and implement similar functionality.

Recommended Approach:
Bundle the validator dependency within the shared library to reduce integration complexity and ensure consistent validation behavior across both applications.

Since we’re already creating a shared library under verifier-plus#157, it would be ideal to include validateUrl() and isUrlSuspicious() there

• This approach will:
• Consolidate all shared utilities in one place
• Minimize dependencies for both LCW and Verifier Plus
• Ensure consistent URL validation and security handling
• Simplify maintenance and future updates

[alexfigtree]

@alexfigtree After reviewing the current branch, I’ve identified that the primary functionality suitable for inclusion in the shared library would be:

validateUrl() – Core URL validation with protocol enforcement isUrlSuspicious() – Security checks for detecting potentially malicious URLs

To maintain consistency with Verifier Plus, we may need to install the validator package and implement similar functionality.

Recommended Approach: Bundle the validator dependency within the shared library to reduce integration complexity and ensure consistent validation behavior across both applications.

Since we’re already creating a shared library under verifier-plus#157, it would be ideal to include validateUrl() and isUrlSuspicious() there

• This approach will:
• Consolidate all shared utilities in one place
• Minimize dependencies for both LCW and Verifier Plus
• Ensure consistent URL validation and security handling
• Simplify maintenance and future updates

@meghac538 Agreed, please reference this PR in other repos where work is being done

[alexfigtree]

@meghac538 Please reference this issue for future work related to this PR: digitalcredentials/verifier-core#24