diff --git a/src/doc/files/js/chmRelative.js b/src/doc/files/js/chmRelative.js
index 348dd29..f32a893 100644
--- a/src/doc/files/js/chmRelative.js
+++ b/src/doc/files/js/chmRelative.js
@@ -1 +1,12 @@
-function relativelnk(a){var b,c;b=location.href.search(/:/)==2?14:7;c=location.href.lastIndexOf("\\")+1;a="file:///"+location.href.substring(b,c)+a;location.href=a};
\ No newline at end of file
+function relativelnk(a){
+ // Simple path validation: allow only relative filenames (no slashes, no colon, no protocol)
+ if (typeof a !== 'string' || a.match(/^[a-zA-Z0-9_.-]+$/) === null) {
+ console.error('Invalid path for redirect');
+ return;
+ }
+ var b, c;
+ b = location.href.search(/:/)==2 ? 14 : 7;
+ c = location.href.lastIndexOf("\\")+1;
+ a = "file:///" + location.href.substring(b, c) + a;
+ location.href = a;
+};
\ No newline at end of file
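Review bot: The allowlist in the new guard, `/^[a-zA-Z0-9_.-]+$/`, still matches names made only of dots, so `.` and `..` pass validation and the redirect resolves to the containing or parent directory instead of a file beside the help file, which is not what the comment promises. Requiring a non-dot first character closes that and replaces the `match(...) === null` form: `if (typeof a !== 'string' || !/^[a-zA-Z0-9_][a-zA-Z0-9_.-]*$/.test(a)) {`. The same pattern rejects spaces, `#fragment` suffixes and sub-folder targets, so any existing caller that passes such a link now fails with only a console message; the callers are not visible in this diff and should be checked before merging. If this script runs in the HTML Help viewer's older IE engine, `console` may be undefined there, so the log call is safer as `if (window.console) console.error('Invalid path for redirect');`.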