Identify Malformed Trusted URLs

1. Access the Developer Console

• In Salesforce Classic, click Your Name, and then click Developer Console.

• In Lightning Experience, click the quick access menu (the gear symbol), and then click Developer Console.

2. Execute the Scan

1. Go to Debug > Open Execute Anonymous Window.

2. Paste the Apex code into the execution window.
   

   // Define a regex pattern that will match valid domain definitions.
   Pattern validUrl = Pattern.compile(
       '[A-Za-z0-9\'' + Pattern.quote('-._~:@!$&()*+,;%=/?#[]') + ']+'); 
   
   // Fetch all CspTrustedSite for this org.
   List<CspTrustedSite> cspTrustedSites = [
       SELECT ID, EndpointUrl 
       FROM CspTrustedSite 
   ];
   
   // Loop over all CspTrustedSites and test if the URL is correct.
   for(CspTrustedSite entry : cspTrustedSites) {
       Matcher m = validUrl.matcher(entry.EndpointUrl);
       // When the URL is not valid, print a debug message.
       if(!m.matches()) {
           System.debug(logginglevel.INFO, 'URL: ' + entry.EndpointUrl);
       }
   }

3. Select Open Log so the results appear automatically after execution.

4. Click Execute.

3. Review Results

1. After the execution log opens, select the Debug Only filter box. This filters the list to show only the malformed URLs.

2. Review the list of malformed URLs shown in the filtered log.

4. (Optional) Export Findings

To export a full list of results, download the log file.

1. Click File > Download Log.

2. Open the downloaded file in a text editor.

3. Search for the USER_DEBUG prefix to find the identified malformed URLs in the full log.