diff --git a/_website/views.py b/_website/views.py index e23ea0b..e025741 100644 --- a/_website/views.py +++ b/_website/views.py @@ -1,7 +1,8 @@ from django.shortcuts import render, redirect, get_object_or_404 from django.http import Http404, FileResponse from django.utils import translation - +from django.utils.http import url_has_allowed_host_and_scheme +from django.conf import settings from .models import * def generate_menu_context(request): @@ -112,10 +113,19 @@ def faq_view(request): 'contest_languages': contest_languages, }) - def toggle_lang(request): lang = 'tr' if translation.get_language() == 'en' else 'en' - request.session[translation.LANGUAGE_SESSION_KEY] = lang + + next_url = request.GET.get('next', '/') + + # 12.11.2024 + if not url_has_allowed_host_and_scheme( + url=next_url, + allowed_hosts={request.get_host()}, + require_https=request.is_secure() + ): + next_url = '/' + + return redirect(next_url) - return redirect(request.GET.get('next', '/'))
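Review bot: The added `from django.conf import settings` is not referenced by any line this diff adds; the redirect check in `toggle_lang` takes its allowed host from `request.get_host()`, not from settings. Unless existing code in views.py already relies on that name, drop the import, or state in the commit message why it is needed (for example, to stop relying on `from .models import *` to supply it). Keeping the blank line between the Django imports and `from .models import *` would also preserve the usual third-party/local grouping.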
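Review bot: The comment `# 12.11.2024` above the `url_has_allowed_host_and_scheme` call in `toggle_lang` records a date but not why the check exists, and the date is already in the commit history. Replace it with the reason, e.g. `# Only follow a same-host "next" URL; anything else falls back to "/" (open-redirect guard).` The host and scheme arguments follow the same pattern as Django's built-in `set_language` view, so the check itself looks right. A regression test that requests the view with an off-site `next` value and asserts the redirect goes to `/` would keep the guard from being dropped later.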