diff --git a/src/response.ts b/src/response.ts index cf134f455..2338cb448 100644 --- a/src/response.ts +++ b/src/response.ts @@ -242,7 +242,8 @@ export const handlePageResponse = ({ match(response.canonical) .with(P.string, canonical => R.asks( - ({ publicUrl }: PublicUrlEnv) => new URL(encodeURI(canonical).replace(/^([^/])/, '/$1'), publicUrl).href, + ({ publicUrl }: PublicUrlEnv) => + new URL(`${publicUrl.origin}${encodeURI(canonical).replace(/^([^/])/, '/$1')}`).href, ), ) .with(undefined, R.of) @@ -307,7 +308,7 @@ const handleTwoUpPageResponse = ({ 'canonical', RM.asks( ({ publicUrl }: PublicUrlEnv) => - new URL(encodeURI(response.canonical).replace(/^([^/])/, '/$1'), publicUrl).href, + new URL(`${publicUrl.origin}${encodeURI(response.canonical).replace(/^([^/])/, '/$1')}`).href, ), ), RM.bindW( @@ -376,7 +377,7 @@ const handleLogInResponse = ({ response: LogInResponse }): RM.ReaderMiddleware => pipe( - RM.asks(({ publicUrl }: PublicUrlEnv) => new URL(response.location, publicUrl).href), + RM.asks(({ publicUrl }: PublicUrlEnv) => new URL(`${publicUrl.origin}${response.location}`).href), RM.ichainW(requestAuthorizationCode('/authenticate')), R.local(addRedirectUri()), ) diff --git a/test/response.test.ts b/test/response.test.ts index 46a3c79dc..e65defccf 100644 --- a/test/response.test.ts +++ b/test/response.test.ts @@ -609,7 +609,7 @@ describe('handleResponse', () => { response_type: 'code', redirect_uri: new URL('/orcid', publicUrl).toString(), scope: '/authenticate', - state: new URL(response.location, publicUrl).href, + state: new URL(`${publicUrl.origin}${response.location}`).href, }).toString()}`, orcidOauth.authorizeUrl, ).href,