DOM-based cross-site scripting (DOM_XSS) issue found in angular.js in Coverity scan #17045
Description
🛑🛑🛑🛑🛑🛑🛑🛑🛑🛑🛑🛑🛑🛑🛑🛑🛑🛑🛑🛑🛑🛑🛑🛑🛑🛑🛑
Please read https://angular.io/guide/security#report-issues on how to disclose security related issues.
🛑🛑🛑🛑🛑🛑🛑🛑🛑🛑🛑🛑🛑🛑🛑🛑🛑🛑🛑🛑🛑🛑🛑🛑🛑🛑🛑
Hi Team, requesting a solution to avoid the issue below in the Coverity scan.
Issue details are as follows:
The property window.location.href is a source of untrusted data.
DOM-based cross-site scripting (DOM_XSS) 2. sink: Calling urlResolve. This call uses window.location.href for sensitive computation.
The untrusted data reaches a sink that can either lead to HTML injection, JavaScript code execution, or the manipulation of a URL starting with the "javascript:" or "data:" schemes. Any of these can lead to a DOM XSS vulnerability.
HTML injection: Either escape properly the untrusted data or use a safe API to insert this data to the DOM; direct HTML manipulation as text should be avoided.
JavaScript code execution: Validate any untrusted data against a whitelist so it's not possible for an attacker to have its supplied code executing.
URL manipulation: Make sure the scheme is whitelisted and doesn't allow for the injection of a URL like: "data:text/html;,<img/src/onerror=alert(1)>".
```javascript
var originUrl = urlResolve(window.location.href);
```
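The Coverity text above recommends allowlisting URL schemes and avoiding "javascript:" and "data:" targets. The following is an added example, not angular.js code and not part of the issue report, showing the two checks a reviewer would want to see around a value derived from `window.location.href`: a scheme allowlist and a same-origin comparison. It uses the WHATWG `URL` API (browsers and Node.js); `ORIGIN`, `ALLOWED_SCHEMES` and the sample inputs are constructed for illustration, and the document origin is passed in as a parameter so the functions can be exercised offline.

```javascript
// Added example (not angular.js code): scheme allowlisting and a same-origin
// check of the kind the Coverity "URL manipulation" advice calls for.
// Relies only on the WHATWG URL API available in browsers and Node.js.

// Schemes acceptable for navigation targets (constructed allowlist).
// Anything else, including "javascript:" and "data:", is rejected.
const ALLOWED_SCHEMES = new Set(['http:', 'https:', 'mailto:']);

// Parse `href` relative to `base`; return null instead of throwing on garbage.
// The parser also lowercases the scheme and strips leading/trailing C0 controls
// and spaces, so casing or whitespace tricks do not bypass the allowlist.
function parseUrl(href, base) {
  try {
    return new URL(href, base);
  } catch (e) {
    return null;
  }
}

// True only when the resolved URL uses an allowlisted scheme.
function isSafeUrl(href, base) {
  const url = parseUrl(href, base);
  return url !== null && ALLOWED_SCHEMES.has(url.protocol);
}

// True when `href`, resolved against `originHref`, shares scheme, host and port
// with it. `originHref` stands in for window.location.href; non-special schemes
// (mailto:, data:, javascript:) have the opaque origin "null" and never match.
function isSameOrigin(href, originHref) {
  const origin = parseUrl(originHref);
  const target = parseUrl(href, originHref);
  return (
    origin !== null &&
    target !== null &&
    origin.origin !== 'null' &&
    target.origin === origin.origin
  );
}

// Constructed stand-in for the document location.
const ORIGIN = 'https://app.example.com/index.html';

// Constructed sample inputs; the data: URL is the one quoted in the Coverity finding.
const SAMPLES = [
  '/api/items',
  'https://app.example.com/other',
  'HTTPS://app.example.com/upper-case-scheme',
  'https://cdn.example.org/lib.js',
  'data:text/html;,<img/src/onerror=alert(1)>',
  'javascript:void(0)',
  'mailto:security@example.com',
];

// Run both checks over a list of candidate URLs and report the verdicts.
function classify(samples, originHref) {
  return samples.map((href) => ({
    href,
    safeScheme: isSafeUrl(href, originHref),
    sameOrigin: isSameOrigin(href, originHref),
  }));
}

for (const verdict of classify(SAMPLES, ORIGIN)) {
  console.log(JSON.stringify(verdict));
}
```

Both checks are applied to the resolved URL rather than to the raw string, so a relative path is judged by what it actually resolves to, and the scheme comparison is against the parser's normalized `protocol` rather than a substring match.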