diff --git a/frontend/bun.lock b/frontend/bun.lock
index 12b197b..1f98f9c 100644
--- a/frontend/bun.lock
+++ b/frontend/bun.lock
@@ -14,7 +14,6 @@
         "axios": "^1.11.0",
         "class-variance-authority": "^0.7.1",
         "clsx": "^2.1.1",
-        "dompurify": "^3.2.6",
         "i18next": "^25.4.2",
         "i18next-browser-languagedetector": "^8.2.0",
         "i18next-resources-to-backend": "^1.2.1",
@@ -364,8 +363,6 @@
 
     "@types/react-dom": ["@types/react-dom@19.1.8", "", { "peerDependencies": { "@types/react": "^19.0.0" } }, "sha512-xG7xaBMJCpcK0RpN8jDbAACQo54ycO6h4dSSmgv8+fu6ZIAdANkx/WsawASUjVXYfy+J9AbUpRMNNEsXCDfDBQ=="],
 
-    "@types/trusted-types": ["@types/trusted-types@2.0.7", "", {}, "sha512-ScaPdn1dQczgbl0QFTeTOmVHFULt394XJgOQNoyVhZ6r2vLnMLJfBPd53SB52T/3G36VI1/g2MZaX0cwDuXsfw=="],
-
     "@types/unist": ["@types/unist@3.0.3", "", {}, "sha512-ko/gIFJRv177XgZsZcBwnqJN5x/Gien8qNOn0D5bQU/zAzVf9Zt3BlcUiLqhV9y4ARk0GbT3tnUiPNgnTXzc/Q=="],
 
     "@typescript-eslint/eslint-plugin": ["@typescript-eslint/eslint-plugin@8.41.0", "", { "dependencies": { "@eslint-community/regexpp": "^4.10.0", "@typescript-eslint/scope-manager": "8.41.0", "@typescript-eslint/type-utils": "8.41.0", "@typescript-eslint/utils": "8.41.0", "@typescript-eslint/visitor-keys": "8.41.0", "graphemer": "^1.4.0", "ignore": "^7.0.0", "natural-compare": "^1.4.0", "ts-api-utils": "^2.1.0" }, "peerDependencies": { "@typescript-eslint/parser": "^8.41.0", "eslint": "^8.57.0 || ^9.0.0", "typescript": ">=4.8.4 <6.0.0" } }, "sha512-8fz6oa6wEKZrhXWro/S3n2eRJqlRcIa6SlDh59FXJ5Wp5XRZ8B9ixpJDcjadHq47hMx0u+HW6SNa6LjJQ6NLtw=="],
@@ -476,8 +473,6 @@
 
     "devlop": ["devlop@1.1.0", "", { "dependencies": { "dequal": "^2.0.0" } }, "sha512-RWmIqhcFf1lRYBvNmr7qTNuyCt/7/ns2jbpp1+PalgE/rDQcBT0fioSMUpJ93irlUhC5hrg4cYqe6U+0ImW0rA=="],
 
-    "dompurify": ["dompurify@3.2.6", "", { "optionalDependencies": { "@types/trusted-types": "^2.0.7" } }, "sha512-/2GogDQlohXPZe6D6NOgQvXLPSYBqIWMnZ8zzOhn09REE4eyAzb+Hed3jhoM9OkuaJ8P6ZGTTVWQKAi8ieIzfQ=="],
-
     "dunder-proto": ["dunder-proto@1.0.1", "", { "dependencies": { "call-bind-apply-helpers": "^1.0.1", "es-errors": "^1.3.0", "gopd": "^1.2.0" } }, "sha512-KIN/nDJBQRcXw0MLVhZE9iQHmG68qAVIBg9CqmUYjmQIhgij9U5MFvrqkUL5FbtyyzZuOeOt0zdeRe4UY7ct+A=="],
 
     "electron-to-chromium": ["electron-to-chromium@1.5.151", "", {}, "sha512-Rl6uugut2l9sLojjS4H4SAr3A4IgACMLgpuEMPYCVcKydzfyPrn5absNRju38IhQOf/NwjJY8OGWjlteqYeBCA=="],
diff --git a/frontend/package.json b/frontend/package.json
index 2161e05..3d3fc47 100644
--- a/frontend/package.json
+++ b/frontend/package.json
@@ -20,7 +20,6 @@
     "axios": "^1.11.0",
     "class-variance-authority": "^0.7.1",
     "clsx": "^2.1.1",
-    "dompurify": "^3.2.6",
     "i18next": "^25.4.2",
     "i18next-browser-languagedetector": "^8.2.0",
     "i18next-resources-to-backend": "^1.2.1",
diff --git a/frontend/src/pages/continue-page.tsx b/frontend/src/pages/continue-page.tsx
index 9cc85c2..4bb43b4 100644
--- a/frontend/src/pages/continue-page.tsx
+++ b/frontend/src/pages/continue-page.tsx
@@ -11,7 +11,6 @@ import { useUserContext } from "@/context/user-context";
 import { isValidUrl } from "@/lib/utils";
 import { Trans, useTranslation } from "react-i18next";
 import { Navigate, useLocation, useNavigate } from "react-router";
-import DOMPurify from "dompurify";
 import { useEffect, useState } from "react";
 
 export const ContinuePage = () => {
@@ -28,7 +27,7 @@ export const ContinuePage = () => {
   const redirectUri = searchParams.get("redirect_uri");
 
   const isValidRedirectUri =
-    redirectUri !== null ? isValidUrl(DOMPurify.sanitize(redirectUri)) : false;
+    redirectUri !== null ? isValidUrl(redirectUri) : false;
   const redirectUriObj = isValidRedirectUri
     ? new URL(redirectUri as string)
     : null;
@@ -37,6 +36,11 @@ export const ContinuePage = () => {
       ? redirectUriObj.hostname === rootDomain ||
         redirectUriObj.hostname.endsWith(`.${rootDomain}`)
       : false;
+  const isAllowedRedirectProto =
+    redirectUriObj !== null
+      ? redirectUriObj.protocol === "https:" ||
+        redirectUriObj.protocol === "http:"
+      : false;
   const isHttpsDowngrade =
     redirectUriObj !== null
       ? redirectUriObj.protocol === "http:" &&
@@ -45,7 +49,7 @@ export const ContinuePage = () => {
 
   const handleRedirect = () => {
     setLoading(true);
-    window.location.replace(DOMPurify.sanitize(redirectUriObj!.toString()));
+    window.location.replace(redirectUriObj!.toString());
   };
 
   useEffect(() => {
@@ -53,26 +57,32 @@ export const ContinuePage = () => {
       !isLoggedIn ||
       !isValidRedirectUri ||
       !isTrustedRedirectUri ||
+      !isAllowedRedirectProto ||
       isHttpsDowngrade
     ) {
       return;
     }
 
-    setTimeout(() => {
+    const auto = setTimeout(() => {
       handleRedirect();
     }, 100);
 
-    setTimeout(() => {
+    const reveal = setTimeout(() => {
       setLoading(false);
       setShowRedirectButton(true);
     }, 1000);
+
+    return () => {
+      clearTimeout(auto);
+      clearTimeout(reveal);
+    };
   }, []);
 
   if (!isLoggedIn) {
     return <Navigate to="/login" />;
   }
 
-  if (!isValidRedirectUri) {
+  if (!isValidRedirectUri || !isAllowedRedirectProto) {
     return <Navigate to="/logout" />;
   }
 
diff --git a/frontend/src/pages/login-page.tsx b/frontend/src/pages/login-page.tsx
index 64d8b3c..9ce7be7 100644
--- a/frontend/src/pages/login-page.tsx
+++ b/frontend/src/pages/login-page.tsx
@@ -49,9 +49,11 @@ export const LoginPage = () => {
         description: t("loginOauthSuccessSubtitle"),
       });
 
-      setTimeout(() => {
+      const redirect = setTimeout(() => {
         window.location.replace(data.data.url);
       }, 500);
+
+      return () => clearTimeout(redirect);
     },
     onError: () => {
       toast.error(t("loginOauthFailTitle"), {
@@ -75,11 +77,13 @@ export const LoginPage = () => {
         description: t("loginSuccessSubtitle"),
       });
 
-      setTimeout(() => {
+      const redirect = setTimeout(() => {
         window.location.replace(
           `/continue?redirect_uri=${encodeURIComponent(redirectUri ?? "")}`,
         );
       }, 500);
+
+      return () => clearTimeout(redirect);
     },
     onError: (error: AxiosError) => {
       toast.error(t("loginFailTitle"), {
diff --git a/frontend/src/pages/logout-page.tsx b/frontend/src/pages/logout-page.tsx
index e453db7..1229a35 100644
--- a/frontend/src/pages/logout-page.tsx
+++ b/frontend/src/pages/logout-page.tsx
@@ -28,9 +28,11 @@ export const LogoutPage = () => {
         description: t("logoutSuccessSubtitle"),
       });
 
-      setTimeout(() => {
+      const redirect = setTimeout(() => {
         window.location.replace("/login");
       }, 500);
+
+      return () => clearTimeout(redirect);
     },
     onError: () => {
       toast.error(t("logoutFailTitle"), {
diff --git a/frontend/src/pages/totp-page.tsx b/frontend/src/pages/totp-page.tsx
index 8a07e6d..4e0bdb1 100644
--- a/frontend/src/pages/totp-page.tsx
+++ b/frontend/src/pages/totp-page.tsx
@@ -34,11 +34,13 @@ export const TotpPage = () => {
         description: t("totpSuccessSubtitle"),
       });
 
-      setTimeout(() => {
+      const redirect = setTimeout(() => {
         window.location.replace(
           `/continue?redirect_uri=${encodeURIComponent(redirectUri ?? "")}`,
         );
       }, 500);
+
+      return () => clearTimeout(redirect);
     },
     onError: () => {
       toast.error(t("totpFailTitle"), {