* Mitigate open redirect vulnerability in login page
Current implementation won't allow full url redirection within local origin, and will allow open redirection with href like "//google.com".
Comparing redirect url's origin with current origin will ensure the two share the same protocol, hostname, and port.
* Update .clabot
Add catmandx to list of contributors for creating pull request