fix / sso: after complete login via token make sure to delete only loginToken query-param from the window.location api.

Related to https://github.com/vector-im/element-web/pull/16292 Signed-off-by: Bekliev Parviz <nightkon95@gmail.com>
2 years ago · 3e57378631
1 changed files with 5 additions and 2 deletions
--- a/src/vector/app.tsx
+++ b/src/vector/app.tsx
@ -120,8 +120,11 @@ function onTokenLoginCompleted() {
    // if we did a token login, we're now left with the token, hs and is
    // url as query params in the url; a little nasty but let's redirect to
    // clear them.
-    const parsedUrl = url.parse(window.location.href);
-    parsedUrl.search = "";
+    const parsedUrl = url.parse(window.location.href, true);
+
+    parsedUrl.search = null; // to make `url.format` ignores `search` property and uses `query` instead
+    delete parsedUrl.query['loginToken'];
+
    const formatted = url.format(parsedUrl);
    console.log(`Redirecting to ${formatted} to drop loginToken from queryparams`);
    window.history.replaceState(null, "", formatted);