Make using insecure connections opt-in (#1309)

* add insecure url checks

* rename variables

* add feature flags to expose Url properly

* fix test compile error

* fix feature errors

* remove comment

* add url crate and use it for url parsing

* fix compile errors

* satisfy the holy clippy

* fix typos and host loopback

* macro attribute, provide validation function in utils

* fix expected output of ui tests

* remove the success case for --allow-insecure because we cannot establish ws:// connection at the moment.

cli/src/commands/compatibility.rs

@@ -11,6 +11,8 @@ use std::collections::HashMap;
 use subxt_codegen::fetch_metadata::MetadataVersion;
 use subxt_metadata::Metadata;
 
+use crate::utils::validate_url_security;
+
 /// Verify metadata compatibility between substrate nodes.
 #[derive(Debug, ClapParser)]
 pub struct Opts {
@@ -36,9 +38,16 @@ pub struct Opts {
     /// Defaults to latest.
     #[clap(long = "version", default_value = "latest")]
     version: MetadataVersion,
+    /// Allow insecure URLs e.g. URLs starting with ws:// or http:// without SSL encryption
+    #[clap(long, short)]
+    allow_insecure: bool,
 }
 
 pub async fn run(opts: Opts, output: &mut impl std::io::Write) -> color_eyre::Result<()> {
+    for url in opts.nodes.iter() {
+        validate_url_security(Some(url), opts.allow_insecure)?;
+    }
+
     match opts.pallet {
         Some(pallet) => {
             handle_pallet_metadata(opts.nodes.as_slice(), pallet.as_str(), opts.version, output)