From a99df19d09d605b753cee3f2503fc4234d337055 Mon Sep 17 00:00:00 2001
From: Rangashivani <ranga.shivani@hitachivantara.com>
Date: Wed, 13 Nov 2024 12:22:48 +0000
Subject: [PATCH] [PPP-5384]-XSS Findings for Pentaho-kettle

---
 plugins/core-ui/src/main/resources/app/pentaho/util/url.js | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/plugins/core-ui/src/main/resources/app/pentaho/util/url.js b/plugins/core-ui/src/main/resources/app/pentaho/util/url.js
index 0b0372b07a12..f8108a4279a1 100644
--- a/plugins/core-ui/src/main/resources/app/pentaho/util/url.js
+++ b/plugins/core-ui/src/main/resources/app/pentaho/util/url.js
@@ -11,8 +11,9 @@
  ******************************************************************************/
 
 define([
-  "./has"
-], function(has) {
+  "./has",
+  "common-ui/util/xss"
+], function(has, xssUtil) {
   "use strict";
 
   /* eslint new-cap: 0 */
@@ -93,7 +94,7 @@ define([
       hostname: host,
       host: host + ":" + port,
       port: port,
-      origin: protocol + "//" + host + ":" + port,
+      origin: xssUtil.sanitizeUrl(protocol + "//" + host + ":" + port),
       pathname: pathname,
 
       toString: function() {