Home
Help CenterSign up for Frontegg

How to Validate the URL provided in `redirectUrl`

Suggest Edits

To enhance your users' security and validate the URL provided in the redirectUrlparameter, you can pass enforceRedirectToSameSite and allowedRedirectOrigins flags to the FronteggProvider:

authOptions: {
    enforceRedirectToSameSite: true,
    allowedRedirectOrigins: ['http://my-allowed-redirect-url-origin.com']
}

<FronteggProvider
  authOptions={authOptions}
  contextOptions={contextOptions}
  hostedLoginBox={false} // If you're using Embedded login
>
  {children}
</FronteggProvider>

This will help prevent attempts to generate potentially malicious links and redirect the users to such sites.

Updated 14 days ago