
Security: Harden redirectLink against open-redirects in login flow #2663

@coderabbitai

Description


The login component in pages/sites/[slug]/[locale]/login.tsx currently uses redirectLink from localStorage without validation, which could lead to open-redirect vulnerabilities if the localStorage value is manipulated client-side.

Current Implementation

Lines 58-62 in login.tsx:

const redirectLink = localStorage.getItem('redirectLink');
if (redirectLink) {
  localStorage.removeItem('redirectLink');
  push(redirectLink);
}

Security Risk

Since localStorage can be manipulated by client-side scripts or browser developer tools, an attacker could set redirectLink to an external URL, causing the application to redirect users to malicious sites.

Suggested Solution

Validate and constrain redirectLink to same-origin paths before redirecting:

const redirectLink = localStorage.getItem('redirectLink') ?? '';
localStorage.removeItem('redirectLink');

// Safe fallback for empty, malformed or external values
let target = '/profile';
if (redirectLink) {
  try {
    // Relative paths resolve against our origin; absolute URLs keep their own
    const url = new URL(redirectLink, window.location.origin);
    if (url.origin === window.location.origin) {
      // internal path: preserve locale, query, hash (never the raw string)
      target = `${url.pathname}${url.search}${url.hash}`;
    }
  } catch {
    // malformed URL: keep the fallback
  }
}
push(target);
