From c5f74beed9c59c0ad48819f05778c11460f779ad Mon Sep 17 00:00:00 2001
From: muhammad-ahmed
Date: Tue, 12 Nov 2024 13:51:07 +0800
Subject: [PATCH] ahmed/DSEC-57013/fix--open-redirect-get-paramter
---
 src/pages/auth.tsx | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)
diff --git a/src/pages/auth.tsx b/src/pages/auth.tsx
index 2bd53dee..9d468849 100644
--- a/src/pages/auth.tsx
+++ b/src/pages/auth.tsx
@@ -3,13 +3,14 @@ import Layout from '@theme/Layout';
 import { Login } from '../features/Login/Login';
 import useAuthParams from '../hooks/useAuthParams';
 import { useEffect } from 'react';
-import { useLocation } from '@docusaurus/router';
+import { Redirect, useLocation } from '@docusaurus/router';
 import useAuthContext from '../hooks/useAuthContext';
 export default function Auth(): JSX.Element {
 const { search } = useLocation(); // to get the search params
 const { is_logged_in } = useAuthContext();
 const { checkUrlParams } = useAuthParams();
+ const [redirect_route, setRedirectRoute] = React.useState(null);
 useEffect(() => {
 checkUrlParams(search);
@@ -18,11 +19,15 @@ export default function Auth(): JSX.Element {
 useEffect(() => {
 if (is_logged_in) {
 const params = new URLSearchParams(search);
- const redirect_route = params.get('route')?.replace(/%2F/g, '/') || '/';
- window.location.assign(window.location.origin + redirect_route);
+ const redirect_route = params.get('route')?.replace(/%2F/g, '/') || '/';
+ setRedirectRoute(redirect_route);
 }
 }, [is_logged_in, search]);
+ if (redirect_route) {
+ return ;
+ }
+
 return (
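Review bot: The added state line `React.useState(null)` infers the state type as `null`, so the later `setRedirectRoute(redirect_route)` call with a string should fail type-checking when `strictNullChecks` is on; declare it as `React.useState<string | null>(null)`. The hunk starts at line 3 of the file, so a default `React` import is not visible here, while `useEffect` is pulled in as a named import from 'react'. Importing `useState` next to it, `import { useEffect, useState } from 'react';`, would match the file's style and not depend on that unseen import. The body of `Auth` continues outside the hunk.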
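Review bot: The `route` parameter is still accepted without validation in the second effect: the value from `params.get('route')` goes straight into `setRedirectRoute` and from there to the router redirect (the element on the `return ;` line lost its markup in this page text, so the exact prop is not visible). Dropping `window.location.assign(window.location.origin + redirect_route)` removes the string concatenation with the origin, but an explicit same-site check documents the intent and does not rely on how the router handles unusual targets: `const route = params.get('route')?.replace(/%2F/g, '/') || '/';` followed by `setRedirectRoute(route.startsWith('/') && !route.startsWith('//') && !route.includes('\\') ? route : '/');`. `URLSearchParams.get` already percent-decodes once, so the `%2F` replacement decodes a second layer and the check has to run after it. Renaming the inner constant as above also stops it shadowing the new `redirect_route` state variable. `Auth` continues past the end of the hunk.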