Ahhh. I see. Is there a good reason (a pro) to performing the browser redirect over an internal redirect? Maybe the existing mechanism could be changed to do an internal redirect?

Alternately, the existing code could be made to discern an internal redirect if the value of this parameter (say) began with "//" (double slash), or some other syntax.