diff --git a/src/main/java/org/t246osslab/easybuggy/vulnerabilities/OpenRedirectServlet.java b/src/main/java/org/t246osslab/easybuggy/vulnerabilities/OpenRedirectServlet.java
index 2cbb0558..586eca0a 100644
--- a/src/main/java/org/t246osslab/easybuggy/vulnerabilities/OpenRedirectServlet.java
+++ b/src/main/java/org/t246osslab/easybuggy/vulnerabilities/OpenRedirectServlet.java
@@ -59,13 +59,13 @@ public void doPost(HttpServletRequest request, HttpServletResponse response) thr
             session.setAttribute("userid", userid);
             
             String gotoUrl = request.getParameter("goto");
-            try {
-                URL u = new URL(gotoUrl);
-                gotoUrl = u.toURI().toString();
-            } catch (Exception e) {
-                log.warn("Invalid goto Url: {}", gotoUrl);
-            }
             if (gotoUrl != null) {
+                try {
+                    URL u = new URL(gotoUrl);
+                    gotoUrl = u.toURI().toString();
+                } catch (Exception e) {
+                    log.warn("Invalid goto Url: {}", gotoUrl);
+                }
                 response.sendRedirect(gotoUrl);
             } else {
                 String target = (String) session.getAttribute("target");