diff --git a/elements/routing.js b/elements/routing.js
index 6585010dea..1c3037cce8 100644
--- a/elements/routing.js
+++ b/elements/routing.js
@@ -27,6 +27,36 @@ function scrollToTop(ctx, next) {
next();
}
+function createUrlFromString(str) {
+ const httpRegex = /^https?:\/\//;
+ const wwwRegex = /www\./;
+ str = httpRegex.test(str) ? str : `http://${str}`;
+ str = wwwRegex.test(str) ? str : str.replace(/^(https?:\/\/)?/, '$1www.');
+ return str;
+}
+
+function isTrustedDomain(path) {
+ const trustedDomains = Nuxeo && Nuxeo.UI && Nuxeo.UI.config && Nuxeo.UI.config.trustedDomains;
+ if (!trustedDomains) return true;
+ const modifiedPathUrl = createUrlFromString(path);
+ const pathUrl = new URL(modifiedPathUrl);
+ const { hostname: userHostName } = pathUrl;
+ const trustedDomainList = trustedDomains.split(',');
+ const isValidUrl = trustedDomainList.some((url) => {
+ const updatedUrl = createUrlFromString(url);
+ const { hostname: currentUrlHostName } = new URL(updatedUrl);
+ return currentUrlHostName?.toLowerCase() === userHostName?.toLowerCase();
+ });
+ return isValidUrl;
+}
+
+function encodeQueryParams(path) {
+ const pathUrl = new URL(path);
+ const queryParams = pathUrl.search.split('?')[1];
+ const encodepath = queryParams ? `${pathUrl.origin}?${encodeURIComponent(queryParams)}` : path;
+ return encodepath;
+}
+
function _routeAdmin(selectedAdminTab, errorPath, routeData) {
const hasPermission =
app.currentUser.isAdministrator || app.currentUser.extendedGroups.find((grp) => grp.name === 'powerusers');
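Review bot: `isTrustedDomain` returns `true` whenever `Nuxeo.UI.config.trustedDomains` is unset or empty, so until a list is configured the full-URL branch of the router stays as unrestricted as before. If that default is intentional it deserves a comment, otherwise the unset case should deny. The function also calls `new URL(...)` on the path and on each comma-separated entry without trimming or a try/catch, so a list written with a space after a comma looks like it would throw out of the check instead of returning false. The unanchored `/www\./` in `createUrlFromString` matches `www.` anywhere in the string, not only in the host. `encodeQueryParams` rebuilds the target as `${pathUrl.origin}?${encodeURIComponent(queryParams)}`, which drops the pathname and hash and percent-encodes the `=` and `&` separators; `return new URL(path).href;` would keep the checked URL intact.

```javascript
function isTrustedDomain(path) {
  const trustedDomains = Nuxeo && Nuxeo.UI && Nuxeo.UI.config && Nuxeo.UI.config.trustedDomains;
  // NOTE(review): an unset list still allows every host; confirm this default is intended
  if (!trustedDomains) return true;
  const toHostname = (value) => {
    try {
      return new URL(createUrlFromString(value.trim())).hostname.toLowerCase();
    } catch (e) {
      return null; // an unparsable path or list entry never matches
    }
  };
  const userHostName = toHostname(path);
  if (!userHostName) return false;
  return trustedDomains
    .split(',')
    .filter((entry) => entry.trim())
    .some((entry) => toHostname(entry) === userHostName);
}
```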
@@ -196,7 +226,13 @@ app.router = {
}
const isFullpath = /^http(s)?:\/\//.test(path);
if (isFullpath) {
- window.location = path;
+ const isValidUrl = isTrustedDomain(path);
+ if (isValidUrl) {
+ const encodepath = encodeQueryParams(path);
+ const link = document.createElement('a');
+ link.setAttribute('href', encodepath);
+ link.click();
+ }
} else {
page(path);
}
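Review bot: A full URL that fails `isTrustedDomain(path)` is dropped silently, because the new `if (isValidUrl)` block has no else branch; the user sees nothing happen and nothing is logged for whoever has to diagnose a blocked link or spot an attempted off-site redirect. An `else { console.warn('Navigation blocked: host is not in trustedDomains'); }` (or the app's own notification mechanism) would make the refusal visible. Note also that the check runs on `path` while the navigation uses `encodepath`, a different string; keeping the value that is validated and the value that is assigned to `href` identical makes the control easier to reason about. The enclosing router method starts and ends outside this hunk.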
diff --git a/plugin/web-ui/addon/src/main/resources/OSGI-INF/web-ui-properties.xml b/plugin/web-ui/addon/src/main/resources/OSGI-INF/web-ui-properties.xml
index c3f89772ea..b5ec6b3a81 100644
--- a/plugin/web-ui/addon/src/main/resources/OSGI-INF/web-ui-properties.xml
+++ b/plugin/web-ui/addon/src/main/resources/OSGI-INF/web-ui-properties.xml
@@ -53,6 +53,8 @@
${org.nuxeo.pagination.nuxeoSelectOptions.maxAllowedItems:=1000}
+
+ ${org.nuxeo.web.ui.trustedDomains:=''}
\ No newline at end of file
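Review bot: The default `:=''` may expand to the literal two-character string `''` rather than to an empty value; the neighbouring `maxAllowedItems:=1000` default is written without quotes. If so, `isTrustedDomain` in elements/routing.js would see a truthy list whose single entry matches no host, and every external URL would be refused on an unconfigured install. If an empty default is what is meant and the property expander accepts one, `${org.nuxeo.web.ui.trustedDomains:=}` says so without quotes; this should be confirmed against how the expander treats quote characters. A short XML comment stating the expected format (comma-separated hostnames) and what an empty value means would also help operators.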