diff --git a/oauthproxy.go b/oauthproxy.go
index dd69d6a..16adf22 100644
--- a/oauthproxy.go
+++ b/oauthproxy.go
@@ -476,7 +476,7 @@ func (p *OAuthProxy) OAuthCallback(rw http.ResponseWriter, req *http.Request) {
 }
 redirect := req.Form.Get("state")
- if redirect == "" {
+ if !strings.HasPrefix(redirect, "/") {
 redirect = "/"
 }
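Review bot: The new prefix test on `redirect` still accepts values that begin with `//` or `/\`, which browsers can resolve as a scheme-relative URL on another host, so the caller-supplied `state` parameter can still send the post-login redirect off-site. Tighten the condition to `if !strings.HasPrefix(redirect, "/") || strings.HasPrefix(redirect, "//") || strings.HasPrefix(redirect, "/\\") {`. Add a comment above it such as `// accept only same-origin absolute paths; reject scheme-relative //host forms` so the intent survives later edits. OAuthCallback begins and ends outside this hunk, so how `redirect` is finally consumed, and whether `state` is also bound to the session as an anti-CSRF value, cannot be confirmed from here.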