verascan - xss issue

当选择policy scan type 去做verascan时，针对 window.location.href我们得到了 cross-Site-Script 和 Insufficient Input Validation 的错误。具体代码如下：

window.location.href = this.impactservice.getDownloadDataUrl(this.projectId);

解决方法：

1. 

window.location.assign(this.impactservice.getDownloadDataUrl(this.projectId));

2.

 window.location.href = decodeURIComponent(res.body.url);