1 files changed, 46 insertions, 36 deletions

diff --git a/packages/merchant-backoffice-ui/src/paths/instance/accounts/create/CreatePage.tsx b/packages/merchant-backoffice-ui/src/paths/instance/accounts/create/CreatePage.tsx
index dd77d609c..d05375b6c 100644
--- a/packages/merchant-backoffice-ui/src/paths/instance/accounts/create/CreatePage.tsx
+++ b/packages/merchant-backoffice-ui/src/paths/instance/accounts/create/CreatePage.tsx
@@ -32,6 +32,7 @@ import { Input } from "../../../../components/form/Input.js";
 import { InputPaytoForm } from "../../../../components/form/InputPaytoForm.js";
 import { InputSelector } from "../../../../components/form/InputSelector.js";
 import { undefinedIfEmpty } from "../../../../utils/table.js";
+import { safeConvertURL } from "../update/UpdatePage.js";
 
 type Entity = TalerMerchantApi.AccountAddDetails & { repeatPassword: string };
 
@@ -42,62 +43,71 @@ interface Props {
 
 const accountAuthType = ["none", "basic"];
 
-function isValidURL(s: string): boolean {
-  try {
-    const u = new URL("/", s)
-    return true;
-  } catch (e) {
-    return false;
-  }
-}
-
 export function CreatePage({ onCreate, onBack }: Props): VNode {
   const { i18n } = useTranslationContext();
 
   const [state, setState] = useState<Partial<Entity>>({});
+  const facadeURL = safeConvertURL(state.credit_facade_url);
   const errors: FormErrors<Entity> = {
     payto_uri: !state.payto_uri ? i18n.str`required` : undefined,
 
     credit_facade_credentials: !state.credit_facade_credentials
       ? undefined
       : undefinedIfEmpty({
-        username:
-          state.credit_facade_credentials.type === "basic" && !state.credit_facade_credentials.username
-            ? i18n.str`required`
-            : undefined,
-        password:
-          state.credit_facade_credentials.type === "basic" && !state.credit_facade_credentials.password
-            ? i18n.str`required`
-            : undefined,
-      }),
+          username:
+            state.credit_facade_credentials.type === "basic" &&
+            !state.credit_facade_credentials.username
+              ? i18n.str`required`
+              : undefined,
+          password:
+            state.credit_facade_credentials.type === "basic" &&
+            !state.credit_facade_credentials.password
+              ? i18n.str`required`
+              : undefined,
+        }),
     credit_facade_url: !state.credit_facade_url
       ? undefined
-      : !isValidURL(state.credit_facade_url) ? i18n.str`not valid url`
+      : !facadeURL
+        ? i18n.str`Invalid url`
+        : !facadeURL.href.endsWith("/")
+          ? i18n.str`URL should end with a '/'`
+          : facadeURL.searchParams.size > 0
+            ? i18n.str`URL should not contain params`
+            : facadeURL.hash
+              ? i18n.str`URL should not hash param`
+              : undefined,
+    repeatPassword: !state.credit_facade_credentials
+      ? undefined
+      : state.credit_facade_credentials.type === "basic" &&
+          (!state.credit_facade_credentials.password ||
+            state.credit_facade_credentials.password !== state.repeatPassword)
+        ? i18n.str`is not the same`
         : undefined,
-    repeatPassword:
-      !state.credit_facade_credentials
-        ? undefined
-        : state.credit_facade_credentials.type === "basic" && (!state.credit_facade_credentials.password || state.credit_facade_credentials.password !== state.repeatPassword)
-          ? i18n.str`is not the same`
-          : undefined,
   };
 
   const hasErrors = Object.keys(errors).some(
-    (k) => (errors as any)[k] !== undefined,
+    (k) => (errors as Record<string, unknown>)[k] !== undefined,
   );
 
   const submitForm = () => {
     if (hasErrors) return Promise.reject();
-    const credit_facade_url = !state.credit_facade_url ? undefined : new URL("/", state.credit_facade_url).href
-    const credit_facade_credentials: TalerMerchantApi.FacadeCredentials | undefined =
-      credit_facade_url == undefined ? undefined :
-        state.credit_facade_credentials?.type === "basic" ? {
-          type: "basic",
-          password: state.credit_facade_credentials.password,
-          username: state.credit_facade_credentials.username,
-        } : {
-          type: "none"
-        }
+    const credit_facade_url = !state.credit_facade_url
+      ? undefined
+      : facadeURL?.href;
+    const credit_facade_credentials:
+      | TalerMerchantApi.FacadeCredentials
+      | undefined =
+      credit_facade_url == undefined
+        ? undefined
+        : state.credit_facade_credentials?.type === "basic"
+          ? {
+              type: "basic",
+              password: state.credit_facade_credentials.password,
+              username: state.credit_facade_credentials.username,
+            }
+          : {
+              type: "none",
+            };
 
     return onCreate({
       payto_uri: state.payto_uri!,