allow angular url to be in next_url

Author: ihorsokhanexoft

framework/auth/views.py

@@ -39,6 +39,9 @@
 from osf import features
 
 
+ANGULAR_URL = 'localhost:4200'
+
+
 @block_bing_preview
 @collect_auth
 def reset_password_get(auth, uid=None, token=None):
@@ -1209,6 +1212,9 @@ def validate_next_url(next_url):
 
     # disable external domain using `//`: the browser allows `//` as a shortcut for non-protocol specific requests
     # like http:// or https:// depending on the use of SSL on the page already.
+    if ANGULAR_URL in next_url:
+        return True
+
     if next_url.startswith('//'):
         return False