Improved url security check

Former-commit-id: e6c76fcca124a5a5689440a3c8952584e93a2616

src/ImageProcessor.Web/NET45/Helpers/RemoteFile.cs

@@ -351,7 +351,7 @@ namespace ImageProcessor.Web.Helpers
         /// </summary>
         private void CheckSafeUrlLocation()
         {
-            bool validUrl = RemoteFileWhiteList.Any(item => item.Host.ToUpperInvariant().Equals(this.url.Host.ToUpperInvariant()));
+            bool validUrl = RemoteFileWhiteList.Any(item => this.url.Host.ToUpperInvariant().StartsWith(item.Host.ToUpperInvariant()));
 
             if (!validUrl)
             {

src/TestWebsites/NET45/Test_Website_NET45/config/imageprocessor/security.config

@@ -3,5 +3,12 @@
     <whiteList>
       <add url="http://images.mymovies.net"/>
       <add url="http://maps.googleapis.com" extensionLess="true" imageFormat=".png"/>
+      <add url="https://fbcdn-profile-"/>
+      <add url="http://fbcdn-profile-"/>
+      <add url="https://profile."/>
+      <add url="http://profile."/>
+      <add url="https://pbs.twimg.com"/>
+      <add url="http://pbs.twimg.com"/>
+      <add url="http://placekitten.com"/>
     </whiteList>
   </security>

src/TestWebsites/NET45/Test_Website_Webforms_NET45/Test_Website_Webforms_NET45.csproj

@@ -276,7 +276,9 @@
     <Content Include="Scripts\WebForms\WebParts.js" />
     <Content Include="Scripts\WebForms\WebUIValidation.js" />
     <Content Include="ViewSwitcher.ascx" />
-    <Content Include="Web.config" />
+    <Content Include="Web.config">
+      <SubType>Designer</SubType>
+    </Content>
     <Content Include="Bundle.config" />
   </ItemGroup>
   <ItemGroup>