diff --git a/apps/builder/package.json b/apps/builder/package.json index 683a59437..0d8a15ba3 100644 --- a/apps/builder/package.json +++ b/apps/builder/package.json @@ -13,6 +13,7 @@ "format:check": "prettier --check ./src" }, "dependencies": { + "@braintree/sanitize-url": "7.0.1", "@chakra-ui/anatomy": "2.1.1", "@chakra-ui/react": "2.7.1", "@chakra-ui/theme-tools": "2.0.18", diff --git a/apps/builder/src/features/auth/components/SignInForm.tsx b/apps/builder/src/features/auth/components/SignInForm.tsx index c850dcad8..85689f16d 100644 --- a/apps/builder/src/features/auth/components/SignInForm.tsx +++ b/apps/builder/src/features/auth/components/SignInForm.tsx @@ -28,10 +28,12 @@ import { useToast } from '@/hooks/useToast' import { TextLink } from '@/components/TextLink' import { SignInError } from './SignInError' import { useTranslate } from '@tolgee/react' +import { sanitizeUrl } from '@braintree/sanitize-url' type Props = { defaultEmail?: string } + export const SignInForm = ({ defaultEmail, }: Props & HTMLChakraProps<'form'>) => { @@ -55,7 +57,8 @@ export const SignInForm = ({ useEffect(() => { if (status === 'authenticated') { - router.replace(router.query.redirectPath?.toString() ?? '/typebots') + const redirectPath = router.query.redirectPath?.toString() + router.replace(redirectPath ? sanitizeUrl(redirectPath) : '/typebots') return } ;(async () => { diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index e97270737..c0195c2d7 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -29,6 +29,9 @@ importers: apps/builder: dependencies: + '@braintree/sanitize-url': + specifier: 7.0.1 + version: 7.0.1 '@chakra-ui/anatomy': specifier: 2.1.1 version: 2.1.1 @@ -3334,6 +3337,10 @@ packages: resolution: {integrity: sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==} dev: true + /@braintree/sanitize-url@7.0.1: + resolution: {integrity: sha512-URg8UM6lfC9ZYqFipItRSxYJdgpU5d2Z4KnjsJ+rj6tgAmGme7E+PQNCiud8g0HDaZKMovu2qjfa0f5Ge0Vlsg==} + dev: false + /@chakra-ui/accordion@2.2.0(@chakra-ui/system@2.5.8)(framer-motion@10.12.20)(react@18.2.0): resolution: {integrity: sha512-2IK1iLzTZ22u8GKPPPn65mqJdZidn4AvkgAbv17ISdKA07VHJ8jSd4QF1T5iCXjKfZ0XaXozmhP4kDhjwF2IbQ==} peerDependencies: