diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index ab4f5594876..d1bc1dcdadd 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -336,7 +336,7 @@ def process_ajax_error(exception, action = nil)
 end
 def redirect_back_or_to(url)
- redirect_back(fallback_location: url)
+ redirect_back(fallback_location: url, allow_other_host: false)
 end
 def saved_redirect_url_or(default)
diff --git a/test/controllers/users_controller_test.rb b/test/controllers/users_controller_test.rb
index e46eea9991c..6f0d27b4f6f 100644
--- a/test/controllers/users_controller_test.rb
+++ b/test/controllers/users_controller_test.rb
@@ -446,7 +446,7 @@ class UsersControllerTest < ActionController::TestCase
 context "when user is logged in" do
 test "#login redirects to previous url" do
- @previous_url = "/bookmarks"
+ @previous_url = "http://test.host/bookmarks"
 get :login, session: set_session_user
 request.env['HTTP_REFERER'] = @previous_url
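Review bot: In `redirect_back_or_to`, `allow_other_host: false` constrains only the Referer that `redirect_back` reads; the `url` passed as `fallback_location` is not covered by that option. If any caller builds `url` from request parameters, the fallback path could still redirect off-site, but the callers are outside this hunk, so that needs checking rather than assuming. A comment above the call would record the intent, for example `# Referer is client-controlled; only follow it when it points at our own host.`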
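Review bot: The updated `#login redirects to previous url` test covers only a same-host Referer, so nothing visible here pins the behaviour the controller change is meant to enforce. A companion test could set `request.env['HTTP_REFERER']` to a URL on another host (a constructed value such as `http://other.example/bookmarks`) and assert that the response does not redirect there. That would catch the option being dropped in a later refactor. The test body continues past the end of this hunk, so the existing assertion is not visible.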