diff --git a/backend/routes/clickTtHttpPageRoutes.js b/backend/routes/clickTtHttpPageRoutes.js
index f195ba57..25f606a7 100644
--- a/backend/routes/clickTtHttpPageRoutes.js
+++ b/backend/routes/clickTtHttpPageRoutes.js
@@ -104,6 +104,13 @@ router.get('/proxy', async (req, res, next) => {
       .replace(/<meta[^>]*http-equiv=["']x-frame-options["'][^>]*>/gi, '')
       .replace(/<meta[^>]*http-equiv=["']x-content-type-options["'][^>]*>/gi, '');
 
+    // Base-Tag: Relative URLs (z.B. Formular-Actions beim Login) müssen zur Original-Domain auflösen
+    const pageOrigin = (() => { try { return new URL(targetUrl).origin + '/'; } catch { return null; } })();
+    if (pageOrigin) {
+      html = html.replace(/<base[^>]*>/gi, '');
+      html = html.replace(/<head([^>]*)>/i, `<head$1><base href="${pageOrigin}">`);
+    }
+
     // Links umschreiben: Klicks im iframe laufen über unseren Proxy → Folge-Logs
     // URL aus .env (BACKEND_BASE_URL oder BASE_URL), Fallback: Request-Host
     const baseUrl = process.env.BACKEND_BASE_URL || process.env.BASE_URL