Update index.html

Author: simihablo

index.html

@@ -20,24 +20,28 @@
       // Single Page Apps for GitHub Pages
       // MIT License
       // https://github.com/rafgraph/spa-github-pages
-      // This script checks to see if a redirect is present in the query string,
-      // converts it back into the correct url and adds it to the
-      // browser's history using window.history.replaceState(...),
-      // which won't cause the browser to attempt to load the new url.
-      // When the single page app is loaded further down in this file,
-      // the correct url will be waiting in the browser's history for
-      // the single page app to route accordingly.
       (function(l) {
-        if (l.search[1] === '/' ) {
+        if (l.search[1] === '/') {
           var decoded = l.search.slice(1).split('&').map(function(s) { 
-            return s.replace(/~and~/g, '&')
+            return s.replace(/~and~/g, '&');
           }).join('?');
-          window.history.replaceState(null, null,
-              l.pathname.slice(0, -1) + decoded + l.hash
-          );
+    
+          // Construct the new URL using the current origin
+          var newUrl = l.origin + l.pathname.slice(0, -1) + decoded + l.hash;
+    
+          try {
+            var newUrlObj = new URL(newUrl);
+            // Only allow update if the new URL matches the current origin
+            if (newUrlObj.origin === window.location.origin) {
+              window.history.replaceState(null, null, newUrlObj.href);
+            }
+          } catch (e) {
+            console.warn('Invalid redirect URL', e);
+          }
         }
-      }(window.location))
+      }(window.location));
     </script>
+
     <!-- End Single Page Apps for GitHub Pages -->
   </head>