prevent external redirect when token is assigned

2026-04-25 01:15:28 +00:00 · 2025-11-28 05:01:51 +00:00
parent 020257c20f
commit 9f7c6bb437
1 changed files with 8 additions and 4 deletions
--- a/packages/nc-gui/plugins/redirect.ts
+++ b/packages/nc-gui/plugins/redirect.ts
@@ -34,15 +34,19 @@ export default defineNuxtPlugin(function (nuxtApp) {
          // 2. If signin happened in current tab which can be detected by `isTokenUpdatedTab` flag
          if (newToken && newToken !== oldToken && (isTokenUpdatedTab.value || route.value.query?.continueAfterSignIn)) {
            try {
+              // prevent redirect to full url (outside domain)
+              const getNavigateTo = (continueAfterSignIn: string) => {
+                return isFullUrl(continueAfterSignIn) ? '/' : continueAfterSignIn
+              }
              if (route.value.query?.continueAfterSignIn) {
-                await navigateTo(route.value.query.continueAfterSignIn as string, {
-                  external: isFullUrl(route.value.query.continueAfterSignIn as string),
+                await navigateTo(getNavigateTo(route.value.query.continueAfterSignIn as string), {
+                  external: false,
                })
              } else {
                const continueAfterSignIn = localStorage.getItem('continueAfterSignIn')
                if (continueAfterSignIn) {
-                  await navigateTo(continueAfterSignIn, {
-                    external: isFullUrl(continueAfterSignIn),
+                  await navigateTo(getNavigateTo(continueAfterSignIn), {
+                    external: false,
                  })
                }
              }