Merge pull request #7020 from topcoder-platform/pm-196

PM-196: xss dom security issue

Author: hentrymartin

src/shared/utils/url.js

@@ -14,7 +14,13 @@ import { BUCKETS } from 'utils/challenge-listing/buckets';
  */
 export function getCurrentUrl() {
   if (isomorphy.isServerSide()) return null;
-  return window.location.href;
+  const url = window.location.href;
+
+  if (typeof url === 'string' && url.startsWith('http')) {
+    return url;
+  }
+
+  return null;
 }
 
 /**