Fix for XSS issue in bug 66608
Generate the URL used for loading a new page in Javascript,
instead of relying on the URL in the link that has been clicked
(as that could have been crafted by an attacker).
Bug: 66608
Change-Id: I19e2bf3af017a37c35cbadce9a70194aac693f33