From 3b45e82dca8e7d5c4919bd26fbe321201851af6c Mon Sep 17 00:00:00 2001
From: Andrea Marchesini
Date: Tue, 7 Apr 2026 13:19:54 +0200
Subject: [PATCH] Add a URL validation for the confirmation page
---
 src/js/confirm-page.js | 15 +++++++++++++++
 1 file changed, 15 insertions(+)
diff --git a/src/js/confirm-page.js b/src/js/confirm-page.js
index 8ac64d6d..2ef5e3bc 100644
--- a/src/js/confirm-page.js
+++ b/src/js/confirm-page.js
@@ -1,7 +1,22 @@
+function isSafeUrl(url) {
+ try {
+ const { protocol } = new URL(url);
+ return protocol === "http:" || protocol === "https:";
+ } catch {
+ return false;
+ }
+}
+
 async function load() {
 const searchParams = new URL(window.location).searchParams;
 const redirectUrl = searchParams.get("url");
 const cookieStoreId = searchParams.get("cookieStoreId");
+
+ if (!isSafeUrl(redirectUrl)) {
+ window.close();
+ return;
+ }
+
 const currentCookieStoreId = searchParams.get("currentCookieStoreId");
 const redirectUrlElement = document.getElementById("redirect-url");
 redirectUrlElement.textContent = redirectUrl;
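Review bot: `isSafeUrl()` checks the scheme on a parsed copy, but `load()` keeps using the raw `redirectUrl` query string afterwards (it is written to `textContent` on the last line of the hunk), so the value shown to the user is not the normalized URL that was validated. After the guard, consider deriving the value once, `const safeUrl = new URL(redirectUrl).href;`, and using `safeUrl` for display and for whatever navigation follows; `load()` continues past the end of this hunk, so that later use cannot be confirmed from here. `cookieStoreId` and `currentCookieStoreId` come from the same query string and are not checked in this hunk, so it is worth confirming they are matched against known containers before use. A short comment above `isSafeUrl`, such as `// Only http(s) targets may be confirmed; any other scheme or an unparsable value is rejected.`, would record the intent of the allowlist.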