+vector<string> HTTPResponse::m_allowedSchemes;
+
+vector<string>& HTTPResponse::getAllowedSchemes()
+{
+ return m_allowedSchemes;
+}
+
+void HTTPResponse::sanitizeURL(const char* url)
+{
+ const char* ch;
+ for (ch=url; *ch; ++ch) {
+ if (iscntrl(*ch))
+ throw IOException("URL contained a control character.");
+ }
+
+ ch = strchr(url, ':');
+ if (!ch)
+ throw IOException("URL is malformed.");
+ string s(url, ch - url);
+ for (vector<string>::const_iterator i = m_allowedSchemes.begin(); i != m_allowedSchemes.end(); ++i) {
+#ifdef HAVE_STRCASECMP
+ if (!strcasecmp(s.c_str(), i->c_str()))
+#else
+ if (!stricmp(s.c_str(), i->c_str()))
+#endif
+ return;
+ }
+
+ throw IOException("URL contains invalid scheme ($1).", params(1, s.c_str()));
+}
+