From 89a51217014ec5faff21d5dcaed6be916bef05de Mon Sep 17 00:00:00 2001
From: "opensearch-trigger-bot[bot]"
 <98922864+opensearch-trigger-bot[bot]@users.noreply.github.com>
Date: Wed, 21 Aug 2024 17:09:20 -0400
Subject: [PATCH] Fix a bug where basepath nextUrl is invalid when it should be
 valid (#2096) (#2098)

* Fix a bug where basepath nextUrl is invalid when it should be valid



* Udpate test



---------


(cherry picked from commit b1148fb74956f7a3a84d38ad3d2f2300a959b8a6)

Signed-off-by: Derek Ho <dxho@amazon.com>
Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
---
 server/utils/next_url.test.ts | 5 +++++
 server/utils/next_url.ts      | 2 +-
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/server/utils/next_url.test.ts b/server/utils/next_url.test.ts
index 41eb73d1..6d6634d3 100644
--- a/server/utils/next_url.test.ts
+++ b/server/utils/next_url.test.ts
@@ -52,6 +52,11 @@ describe('test validateNextUrl', () => {
     expect(validateNextUrl(url, '')).toEqual(undefined);
   });
 
+  test('allow basePath', () => {
+    const url = '/osd';
+    expect(validateNextUrl(url, '/osd')).toEqual(undefined);
+  });
+
   test('allow dashboard url', () => {
     const url =
       '/_plugin/opensearch-dashboards/app/opensearch-dashboards#dashbard/dashboard-id?_g=(param=a&p=b)';
diff --git a/server/utils/next_url.ts b/server/utils/next_url.ts
index 708aca89..8e953752 100644
--- a/server/utils/next_url.ts
+++ b/server/utils/next_url.ts
@@ -58,7 +58,7 @@ export function validateNextUrl(
     }
     const pathMinusBase = path.replace(bp, '');
     if (
-      !pathMinusBase.startsWith('/') ||
+      (pathMinusBase && !pathMinusBase.startsWith('/')) ||
       (pathMinusBase.length >= 2 && !/^\/[a-zA-Z_][\/a-zA-Z0-9-_]+$/.test(pathMinusBase))
     ) {
       return INVALID_NEXT_URL_PARAMETER_MESSAGE;