The check blocking the `http://` scheme should only trigger **after** name resolution. It does not make sense to only allow http://10.0.0.1 (for example) while http://my.internal.host.com could also resolve to an endpoint in a private ip range. <img width="563" height="1218" alt="Image" src="https://github.com/user-attachments/assets/61d3d9ef-c7de-4a8e-93cf-0772f91f0116" />
The check blocking the
http://scheme should only trigger after name resolution.It does not make sense to only allow http://10.0.0.1 (for example) while http://my.internal.host.com could also resolve to an endpoint in a private ip range.