diff --git a/apps/web/src/connectors/duo-redirect.ts b/apps/web/src/connectors/duo-redirect.ts
index 2b8a3de4de..a113c6b975 100644
--- a/apps/web/src/connectors/duo-redirect.ts
+++ b/apps/web/src/connectors/duo-redirect.ts
@@ -51,14 +51,12 @@ window.addEventListener("load", async () => {
 */
 function redirectToDuoFrameless(redirectUrl: string) {
 const validateUrl = new URL(redirectUrl);
+ const validDuoUrl =
+ validateUrl.protocol === "https:" &&
+ (validateUrl.hostname.endsWith(".duosecurity.com") ||
+ validateUrl.hostname.endsWith(".duofederal.com"));
- if (
- validateUrl.protocol !== "https:" ||
- !(
- validateUrl.hostname.endsWith("duosecurity.com") ||
- validateUrl.hostname.endsWith("duofederal.com")
- )
- ) {
+ if (!validDuoUrl) {
 throw new Error("Invalid redirect URL");
 }
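Review bot: The new `validDuoUrl` expression relies on the leading dot in `.duosecurity.com` / `.duofederal.com` to reject hosts that merely end in those strings, but nothing in the hunk says so, and a later tidy-up could drop the dot again. I would add a comment above it such as `// Leading dot is required: a bare suffix match also accepts unrelated domains that end in the same string.` and cover it with a unit test that expects a throw for a non-Duo host ending in `duosecurity.com`. The rest of `redirectToDuoFrameless` is outside the hunk; if it navigates with the raw `redirectUrl` string, using `validateUrl.href` instead would ensure the URL that was validated is the one the browser loads.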