PM-13103 - DuoRedirect - fix redirectToDuoFrameless logic to allow either duosecurity.com or duofederal.com as valid redirect urls. The existing logic failed b/c the construction of the previous check would reject all URLs. (#11363)

apps/web/src/connectors/duo-redirect.ts

@@ -54,8 +54,10 @@ function redirectToDuoFrameless(redirectUrl: string) {
 
   if (
     validateUrl.protocol !== "https:" ||
-    !validateUrl.hostname.endsWith("duosecurity.com") ||
-    !validateUrl.hostname.endsWith("duofederal.com")
+    !(
+      validateUrl.hostname.endsWith("duosecurity.com") ||
+      validateUrl.hostname.endsWith("duofederal.com")
+    )
   ) {
     throw new Error("Invalid redirect URL");
   }