Bug: Error when survey finish to "navigateToUrl" fix #8631 (#8633)

src/utils/utils.ts

@@ -157,7 +157,7 @@ function scrollElementByChildId(id: string) {
 function navigateToUrl(url: string): void {
   const location = DomWindowHelper.getLocation();
   if (!url || !location) return;
-  location.href = encodeURIComponent(url);
+  location.href = getSafeUrl(url);
 }
 
 function wrapUrlForBackgroundImage(url: string): string {
@@ -205,6 +205,11 @@ function createSvg(
   }
   titleElement.textContent = title;
 }
+export function getSafeUrl(url: string): string {
+  if(!url) return url;
+  if(url.toLocaleLowerCase().indexOf("javascript:")> -1) return encodeURIComponent(url);
+  return url;
+}
 
 export function unwrap<T>(value: T | (() => T)): T {
   if (typeof value !== "function") {

tests/utilstests.ts

@@ -1,6 +1,6 @@
 import { IAction } from "../src/actions/action";
 import { defaultListCss } from "../src/list";
-import { createSvg, doKey2ClickDown, doKey2ClickUp, sanitizeEditableContent, configConfirmDialog, mergeValues, compareArrays } from "../src/utils/utils";
+import { createSvg, doKey2ClickDown, doKey2ClickUp, sanitizeEditableContent, configConfirmDialog, getSafeUrl, compareArrays } from "../src/utils/utils";
 import { mouseInfo, detectMouseSupport, MatchMediaMethod } from "../src/utils/devices";
 import { PopupBaseViewModel } from "../src/popup-view-model";
 import { PopupModel } from "../src/popup";
@@ -1035,4 +1035,8 @@ QUnit.test("test onNextRender function", (assert) => {
 
   window.requestAnimationFrame = oldRequestAnimationFrame;
   window.cancelAnimationFrame = oldCancelAnimationFrame;
+});
+QUnit.test("getSafeUrl", (assert) => {
+  assert.equal(getSafeUrl("https://surveyjs.io"), "https://surveyjs.io", "https://surveyjs.io");
+  assert.equal(getSafeUrl("javascript:alert('1')"), "javascript%3Aalert('1')", "javascript:alert('1')");
 });