Navigation: Sanitize homeUrl (#65293)

sanitize homeUrl

public/app/core/components/AppChrome/TopSearchBar.tsx

@@ -2,7 +2,7 @@ import { css } from '@emotion/css';
 import React from 'react';
 import { useLocation } from 'react-router-dom';
 
-import { GrafanaTheme2, locationUtil } from '@grafana/data';
+import { GrafanaTheme2, locationUtil, textUtil } from '@grafana/data';
 import { Dropdown, ToolbarButton, useStyles2 } from '@grafana/ui';
 import { config } from 'app/core/config';
 import { contextSrv } from 'app/core/core';
@@ -29,7 +29,7 @@ export const TopSearchBar = React.memo(function TopSearchBar() {
 
   let homeUrl = config.appSubUrl || '/';
   if (!config.bootData.user.isSignedIn && !config.anonymousEnabled) {
-    homeUrl = locationUtil.getUrlForPartial(location, { forceLogin: 'true' });
+    homeUrl = textUtil.sanitizeUrl(locationUtil.getUrlForPartial(location, { forceLogin: 'true' }));
   }
 
   return (

public/app/core/components/NavBar/NavBar.tsx

@@ -5,7 +5,7 @@ import { cloneDeep } from 'lodash';
 import React, { useState } from 'react';
 import { useLocation } from 'react-router-dom';
 
-import { GrafanaTheme2, locationUtil, NavModelItem, NavSection } from '@grafana/data';
+import { GrafanaTheme2, locationUtil, NavModelItem, NavSection, textUtil } from '@grafana/data';
 import { config, locationSearchToObject, locationService, reportInteraction } from '@grafana/runtime';
 import { useTheme2, CustomScrollbar, IconButton } from '@grafana/ui';
 import { getKioskMode } from 'app/core/navigation/kiosk';
@@ -53,7 +53,7 @@ export const NavBar = React.memo(() => {
 
   let homeUrl = config.appSubUrl || '/';
   if (!config.bootData.user.isSignedIn && !config.anonymousEnabled) {
-    homeUrl = locationUtil.getUrlForPartial(location, { forceLogin: 'true' });
+    homeUrl = textUtil.sanitizeUrl(locationUtil.getUrlForPartial(location, { forceLogin: 'true' }));
   }
 
   const homeItem: NavModelItem = enrichWithInteractionTracking(