It seems your URL is not valid.
Please see the following rules:
Returns true if the given redirect target is valid according to the following list of requirements:
- The target is neither null nor an empty string
- The target is not an URL which is identified by the character sequence :// separating the scheme from the host
- The target is normalized such that it contains no consecutive slashes and no path segment contains a single or double dot
- The target must be prefixed with the servlet context path
- If a ResourceResolver is available as a request attribute the target (without the servlet context path prefix) must resolve to an existing resource
- If a ResourceResolver is not available as a request attribute the target must be an absolute path starting with a slash character does not contain any of the characters <, >, ', or " in plain or URL encoding
If any of the conditions does not hold, the method returns false and logs a warning level message with the org.apache.sling.auth.core.AuthUtil logger.