From 13da8d9793d8cf98117e2a54ec53f5c475c72bf6 Mon Sep 17 00:00:00 2001
From: lucasmerlin <hi@lucasmerlin.me>
Date: Thu, 23 Apr 2026 11:08:32 +0200
Subject: [PATCH] Allow redirecting with query params or to sub paths

---
 auth-callback/src/index.ts | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

diff --git a/auth-callback/src/index.ts b/auth-callback/src/index.ts
index 07976ee..4ddaba8 100644
--- a/auth-callback/src/index.ts
+++ b/auth-callback/src/index.ts
@@ -6,13 +6,10 @@ const GITHUB_CLIENT_ID = process.env.GITHUB_CLIENT_ID!;
 const GITHUB_CLIENT_SECRET = process.env.GITHUB_CLIENT_SECRET!;
 const PORT = process.env.PORT || 8080;
 
-const ALLOWED_ORIGINS = [
-  "https://rerun-io.github.io/kitdiff",
-  "https://rerun-io.github.io/kitdiff/",
-];
+const ALLOWED_PREFIX = "https://rerun-io.github.io/kitdiff/";
 
 function isAllowedRedirect(url: string): boolean {
-  if (ALLOWED_ORIGINS.includes(url)) {
+  if (url.startsWith(ALLOWED_PREFIX)) {
     return true;
   }
   try {