URLs via Request?

Moin to whom it may concern...

I am new to this backend module but as we want to host it at hereon, I am currently having a look into the code.

To me it seems like this backend module is expecting a URL that is passed to the backend module (see here). Isn't that somewhat insecure? There is no check or whatsoever on the URL.