diff --git a/src/components/LoginPage.js b/src/components/LoginPage.js
index 4c222a3..e432904 100644
--- a/src/components/LoginPage.js
+++ b/src/components/LoginPage.js
@@ -111,7 +111,9 @@ const LoginPage = ({ theme }) => {
       if (!values.base_url.match(/^(http|https):\/\//)) {
         errors.base_url = translate("synapseadmin.auth.protocol_error");
       } else if (
-        !values.base_url.match(/^(http|https):\/\/[a-zA-Z0-9\-.]+(:\d{1,5})?$/)
+        !values.base_url.match(
+          /^(http|https):\/\/[a-zA-Z0-9\-.]+(:\d{1,5})?[^?&\s]*$/
+        )
       ) {
         errors.base_url = translate("synapseadmin.auth.url_error");
       }
diff --git a/src/synapse/authProvider.js b/src/synapse/authProvider.js
index f36b9d1..11433a3 100644
--- a/src/synapse/authProvider.js
+++ b/src/synapse/authProvider.js
@@ -18,6 +18,7 @@ const authProvider = {
     // use the base_url from login instead of the well_known entry from the
     // server, since the admin might want to access the admin API via some
     // private address
+    base_url = base_url.replace(/\/+$/g, "");
     localStorage.setItem("base_url", base_url);
 
     const decoded_base_url = window.decodeURIComponent(base_url);