🐛 Fixed paid checkout returning to homepage instead of originating page

[9larsons]

Summary

When a member starts a paid signup or upgrade from a page other than the homepage, Portal returned them to the site root after a successful Stripe Checkout (e.g. https://example.com/?stripe=success) instead of the page where checkout began. Cancelling checkout already returned to the originating page, so the behaviour was inconsistent — and especially disruptive for paywall flows, where a member who just paid to unlock an article was bounced to the homepage instead of back to the article.

Root cause

checkoutPlan() in apps/portal/src/utils/api.js already derived a contextual cancelUrl from window.location when none was supplied, but had no equivalent fallback for successUrl. The two standard callers (signup and upgrade in apps/portal/src/actions.js) don't pass one, so successUrl arrived at the backend as undefined and Ghost fell back to the configured site-root default (stripe-api.js → checkoutSessionSuccessUrl).

Fix

Derive a contextual successUrl from window.location when none is supplied, mirroring the existing cancelUrl logic. This is the same approach continueGiftCheckout() already uses for gift flows (and matches #27643 / #27827).

No backend change is needed: sanitizeReturnUrl() already enforces that return URLs are same-origin / within the site subpath, so the contextual URL flows through safely.

Behaviour preserved

• Welcome-page tiers — the server still overrides the success URL with a configured tier welcome page (_generateSuccessUrl); the contextual URL only applies when no welcome page is set.
• New-email signup — the contextual URL becomes the post-signup magic-link referrer, so the member returns to the originating page after confirming (an improvement over the previous site-root referrer).

Tests

Added unit tests in apps/portal/test/api.test.js covering:

• contextual successUrl/cancelUrl derived from the current page when none supplied
• fallback to the site root when the current location is off-site (open-redirect guard)
• explicitly-supplied successUrl/cancelUrl are preserved

ref https://linear.app/ghost/issue/PLA-86
fixes #28369

[coderabbitai]

Important

Review skipped

Draft detected.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 69212837-c1b1-4486-b087-dd213a832a31

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch claude/pensive-bose-89dcb8

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}