#1861 closed enhancement

redirects in tahoe should not point to other origins — at Initial Version

Reported by: ChosenOne
Owned by: davidsarah
Priority: normal
Milestone: undecided
Component: code-frontend-web
Version: 1.9.2
Keywords: webapi same-origin redirect websec
Cc:
Launchpad Bug:

Description

From what I see in unlinked.py (https://tahoe-lafs.org/trac/tahoe-lafs/browser/trunk/src/allmydata/web/unlinked.py), most redirects could be filtered to only start with the protocol, domain and port of the web UI. I suppose this is non-trivial, but it might be extracted from the HTTP request's Host header.

The current redirection does not pose a severe risk, but it might at least prevent social engineering attacks in which a URL that starts with the tahoe gw address winds up on a completely different web page.
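The same-origin filter the ticket proposes, as an added example in Python that is not part of the Tahoe-LAFS code base; it assumes the caller passes in the request scheme and the Host header value (hypothetical inputs such as "127.0.0.1:3456"), and it also covers the protocol-relative, backslash and userinfo forms a browser would send off-origin:

```python
from urllib.parse import urlsplit

# Schemes a browser redirect may legitimately use; anything else
# (javascript:, data:, ...) is rejected outright.
DEFAULT_PORTS = {"http": 80, "https": 443}


def origin_of(scheme, netloc):
    """Return the (scheme, host, port) origin tuple for a scheme and netloc."""
    parts = urlsplit(f"{scheme}://{netloc}")
    # .port raises ValueError on garbage such as "3456.evil.example"; the
    # caller treats that as "not same origin".
    port = parts.port or DEFAULT_PORTS.get(scheme)
    return (scheme, (parts.hostname or "").lower(), port)


def is_same_origin_redirect(target, request_scheme, request_host):
    """True if a redirect to `target` stays on the web UI's own origin.

    request_scheme is "http" or "https"; request_host is the Host header
    value (caller-supplied assumption). The Host header is itself
    client-controlled, so a deployment should compare it against a
    configured base URL rather than trust it blindly.
    """
    # Browsers treat backslashes as slashes, so "/\\evil.example" is a
    # protocol-relative URL to a browser while looking path-only to urlsplit.
    target = target.replace("\\", "/")
    parts = urlsplit(target)
    if not parts.scheme and not parts.netloc:
        return True                      # path-only target such as "/uri/..."
    scheme = parts.scheme.lower() or request_scheme
    if scheme not in DEFAULT_PORTS:
        return False                     # javascript:, data:, ftp:, ...
    try:
        return origin_of(scheme, parts.netloc) == origin_of(request_scheme, request_host)
    except ValueError:
        return False


def safe_redirect_target(target, request_scheme, request_host, fallback="/"):
    """Return `target` if it is same-origin, otherwise the safe fallback path."""
    if is_same_origin_redirect(target, request_scheme, request_host):
        return target
    return fallback
```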

Change History (0)
