From 08c4c898182edbe97aadef1815cce50448f975cb Mon Sep 17 00:00:00 2001
From: Min RK <benjaminrk@gmail.com>
Date: Wed, 27 Mar 2019 21:43:40 +0100
Subject: [PATCH] protect against chrome mishandling backslash as slash in URLs

---
 notebook/auth/login.py | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/notebook/auth/login.py b/notebook/auth/login.py
index d8289d732..8dbd6112f 100644
--- a/notebook/auth/login.py
+++ b/notebook/auth/login.py
@@ -39,6 +39,10 @@ class LoginHandler(IPythonHandler):
         """
         if default is None:
             default = self.base_url
+        # protect chrome users from mishandling unescaped backslashes.
+        # \ is not valid in urls, but some browsers treat it as /
+        # instead of %5C, causing `\\` to behave as `//`
+        url = url.replace("\\", "%5C")
         parsed = urlparse(url)
         if parsed.netloc or not (parsed.path + '/').startswith(self.base_url):
             # require that next_url be absolute path within our path