
fix: LSDV-5072: adds check that any redirects are not redirecting to an external host #4341

Merged (2 commits), Jun 30, 2023

Conversation

dredivaris (Contributor)

PR fulfills these requirements

  • Commit message(s) and PR title follow the format [fix|feat|ci|chore|doc]: TICKET-ID: Short description of change made, e.g. fix: DEV-XXXX: Removed inconsistent code usage causing intermittent errors
  • Tests for the changes have been added/updated (for bug fixes/features)
  • Docs have been added/updated (for bug fixes/features)
  • Best efforts were made to ensure docs/code are concise and coherent (checked for spelling/grammatical errors, commented out code, debug logs etc.)
  • Self-reviewed and ran all changes on a local instance (for bug fixes/features)

Change has impacts in these area(s)

(check all that apply)

  • Product design
  • Backend (Database)
  • Backend (API)
  • Frontend

Describe the reason for change

To ensure an attacker can't redirect signups/logins to an external website masquerading as Label Studio.

What is the new behavior?

GET query param redirects to external sites will now instead redirect to /projects/.

What is the current behavior?

GET query param redirects to external sites will successfully redirect away from Label Studio.

Does this change affect security?

Yes this change was made to improve security around signups/logins.

Does this PR introduce a breaking change?

(check only one)

  • Yes, and covered entirely by feature flag(s)
  • Yes, and covered partially by feature flag(s)
  • No
  • Not sure (briefly explain the situation below)

What level of testing was included in the change?

(check all that apply)

  • e2e
  • integration
  • unit

Which logical domain(s) does this change affect?

Login/Signup
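The check the PR describes, as an added example that is not Label Studio's own code: a standalone Python guard that accepts a redirect target only if it is a root-relative path or an absolute URL on an allowed host, and otherwise falls back to /projects/. It follows the rules Django applies in django.utils.http.url_has_allowed_host_and_scheme (Django is the framework behind Label Studio's backend), but compares the parsed hostname rather than the raw netloc so that userinfo and port tricks such as "https://allowed@evil.example" are rejected. The names is_local_redirect, safe_redirect_target, ALLOWED_HOSTS and DEFAULT_REDIRECT, and the host labelstudio.example.com, are assumptions made for the example.

```python
"""Open-redirect guard for a ?next= / ?redirect= style query parameter.

Added example; not Label Studio's code. The names below and the allowed
host are assumptions for illustration.
"""
import unicodedata
from urllib.parse import urlsplit

# Assumed: hosts this deployment is served on, and the PR's fallback target.
ALLOWED_HOSTS = {"labelstudio.example.com"}
DEFAULT_REDIRECT = "/projects/"


def is_local_redirect(url, allowed_hosts, require_https=False):
    """Return True only if `url` stays on one of `allowed_hosts`.

    Each rule below targets a way browsers parse a target more permissively
    than urlsplit does, which is how classic open-redirect filters get bypassed.
    """
    if not url:
        return False
    # Browsers skip leading control characters and may then treat the rest as
    # scheme-relative, so reject any control or whitespace character outright.
    if any(unicodedata.category(ch)[0] == "C" or ch.isspace() for ch in url):
        return False
    # Browsers treat "\" as "/", so "/\evil.example" is really "//evil.example".
    url = url.replace("\\", "/")
    # Chrome treats three or more leading slashes as scheme-relative ("///evil.example").
    if url.startswith("///"):
        return False
    try:
        parts = urlsplit(url)
    except ValueError:  # e.g. a malformed IPv6 literal
        return False
    scheme = parts.scheme.lower()
    # "https:evil.example" or "javascript:alert(1)": a scheme with no authority.
    # urlsplit puts the host into the path, but browsers still navigate to it.
    if scheme and not parts.netloc:
        return False
    if parts.netloc:
        # Scheme-relative "//host" is http(s) in practice.
        scheme = scheme or "http"
        valid = ("https",) if require_https else ("http", "https")
        if scheme not in valid:
            return False
        # .hostname strips "user@" and ":port", so "//allowed@evil.example"
        # compares as "evil.example" and is rejected.
        host = (parts.hostname or "").lower()
        return host in {h.lower() for h in allowed_hosts}
    # No authority at all: accept only root-relative paths such as "/projects/1".
    # Relative paths without a leading slash are rejected on purpose.
    return parts.path.startswith("/")


def safe_redirect_target(url, allowed_hosts=ALLOWED_HOSTS, default=DEFAULT_REDIRECT):
    """Behaviour the PR describes: an external target falls back to /projects/."""
    return url if is_local_redirect(url, allowed_hosts) else default


if __name__ == "__main__":
    # Constructed sample inputs an attacker might place in the query parameter.
    for candidate in ["/projects/1/data", "https://evil.example/", "//evil.example",
                      "/\\evil.example", "https:evil.example", "javascript:alert(1)",
                      "https://labelstudio.example.com@evil.example/"]:
        print(f"{candidate!r:50} -> {safe_redirect_target(candidate)}")
```

In a login or signup view, pass the raw query parameter through safe_redirect_target before calling redirect(); the function never raises, so a hostile value degrades to the /projects/ fallback rather than an error page. The leading-control-character, backslash and triple-slash rules matter because a filter that only tests url.startswith("/") passes "/\evil.example" and "///evil.example", both of which browsers send off-site.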

netlify bot commented Jun 7, 2023

Deploy Preview for label-studio-docs-new-theme failed.

Latest commit: 63db4fe
Latest deploy log: https://app.netlify.com/sites/label-studio-docs-new-theme/deploys/649de2d33a51d20007c09c95

netlify bot commented Jun 7, 2023

Deploy Preview for heartex-docs failed.

Latest commit: 63db4fe
Latest deploy log: https://app.netlify.com/sites/heartex-docs/deploys/649de2d3261ba2000875dcfd

@github-actions github-actions bot added the fix label Jun 7, 2023
codecov bot commented Jun 7, 2023

Codecov Report

Patch and project coverage have no change.

Comparison is base (e321639) 75.57% compared to head (63db4fe) 75.58%.

@@           Coverage Diff            @@
##           develop    #4341   +/-   ##
========================================
  Coverage    75.57%   75.58%           
========================================
  Files          156      156           
  Lines        12223    12226    +3     
========================================
+ Hits          9238     9241    +3     
  Misses        2985     2985           

see 1 file with indirect coverage changes


@dredivaris dredivaris changed the title fix: LSDV-5072 adds check that any redirects are not redirecting to an external host fix: LSDV-5072: adds check that any redirects are not redirecting to an external host Jun 30, 2023
@dredivaris dredivaris merged commit f31a95d into develop Jun 30, 2023
29 of 37 checks passed
shayantabatabaee pushed a commit to shayantabatabaee/label-studio that referenced this pull request Sep 19, 2023
…an external host (HumanSignal#4341)

fix: LSDV-5072: adds check that any redirects are not redirecting to another host
@deppp deppp deleted the fb-lsdv-5072 branch November 14, 2023 18:35