From 3e30c025b57ddad32e67ce4cca357aa29762588c Mon Sep 17 00:00:00 2001
From: Ashraf Mohammed <ashrafmd0506@gmail.com>
Date: Fri, 27 Oct 2023 17:25:15 +0530
Subject: [PATCH] remove cross-site-scripting

---
 src/Components/Auth/Login.tsx | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/Components/Auth/Login.tsx b/src/Components/Auth/Login.tsx
index d93cc34501f..0c9aa814cea 100644
--- a/src/Components/Auth/Login.tsx
+++ b/src/Components/Auth/Login.tsx
@@ -117,7 +117,8 @@ export const Login = (props: { forgot?: boolean }) => {
               redirectParam &&
               new URL(redirectParam).origin === window.location.origin
             )
-              window.location.href = redirectParam;
+              window.location.href =
+                window.location.origin + new URL(redirectParam).pathname;
             else window.location.href = "/facility";
           } catch {
             window.location.href = "/facility";