fix / sso: after complete login via token make sure to delete only lo…

…ginToken query-param from the window.location api. Related to #16292 Signed-off-by: Bekliev Parviz <[email protected]>
element-hq · Feb 9, 2021 · 3e57378 · 3e57378
1 parent 2332cec
commit 3e57378
Showing 1 changed file with 5 additions and 2 deletions.
diff --git a/src/vector/app.tsx b/src/vector/app.tsx
@@ -120,8 +120,11 @@ function onTokenLoginCompleted() {
     // if we did a token login, we're now left with the token, hs and is
     // url as query params in the url; a little nasty but let's redirect to
     // clear them.
-    const parsedUrl = url.parse(window.location.href);
-    parsedUrl.search = "";
+    const parsedUrl = url.parse(window.location.href, true);
+
+    parsedUrl.search = null; // to make `url.format` ignores `search` property and uses `query` instead
+    delete parsedUrl.query['loginToken'];
+
     const formatted = url.format(parsedUrl);
     console.log(`Redirecting to ${formatted} to drop loginToken from queryparams`);
     window.history.replaceState(null, "", formatted);