diff --git a/tests/Feature/AdminPlanIndexBackLinkNotEscapedTest.php b/tests/Feature/AdminPlanIndexBackLinkNotEscapedTest.php
new file mode 100644
index 0000000..3322314
--- /dev/null
+++ b/tests/Feature/AdminPlanIndexBackLinkNotEscapedTest.php
@@ -0,0 +1,33 @@
+seed();
+
+ $this->post('/admin/login', [
+ 'email' => 'platform.admin@demo.local',
+ 'password' => 'Platform@123456',
+ ])->assertRedirect('/admin');
+ }
+
+ public function test_index_back_link_should_not_escape_ampersand(): void
+ {
+ $this->loginAsPlatformAdmin();
+
+ $back = '/admin/site-subscriptions?status=activated&keyword=test';
+
+ $this->get('/admin/plans?back=' . urlencode($back))
+ ->assertOk()
+ ->assertSee('返回上一页(保留上下文)')
+ ->assertSee('href="' . $back . '"', false);
+ }
+}
diff --git a/tests/Feature/AdminPlatformOrderIndexBackLinkNotEscapedTest.php b/tests/Feature/AdminPlatformOrderIndexBackLinkNotEscapedTest.php
new file mode 100644
index 0000000..566dee6
--- /dev/null
+++ b/tests/Feature/AdminPlatformOrderIndexBackLinkNotEscapedTest.php
@@ -0,0 +1,43 @@
+seed();
+
+ $this->post('/admin/login', [
+ 'email' => 'platform.admin@demo.local',
+ 'password' => 'Platform@123456',
+ ])->assertRedirect('/admin');
+ }
+
+ public function test_index_back_link_should_not_escape_ampersand(): void
+ {
+ $this->loginAsPlatformAdmin();
+
+ $back = '/admin/site-subscriptions?status=activated&keyword=test';
+
+ $this->get('/admin/platform-orders?back=' . urlencode($back))
+ ->assertOk()
+ ->assertSee('返回上一页(保留上下文)')
+ // 关键护栏:必须是原样 &,不能被 escape 成 &
+ ->assertSee('href="' . $back . '"', false);
+ }
+
+ public function test_index_should_not_show_back_link_when_back_is_external_url(): void
+ {
+ $this->loginAsPlatformAdmin();
+
+ $this->get('/admin/platform-orders?back=' . urlencode('https://evil.example.com/?x=1&y=2'))
+ ->assertOk()
+ ->assertDontSee('返回上一页(保留上下文)');
+ }
+}
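Review bot: The only assertion on the rendered link, `->assertSee('href="' . $back . '"', false)`, pins that the `back` query value reaches the `href` attribute with its `&` unescaped, yet unlike the platform-orders test in this same commit there is no negative case showing that an off-site `back` value is dropped from the plans page. Because the `false` argument also disables `assertSee`'s own escaping, a `"` or a `javascript:` scheme in `back` would be matched just as readily, so whatever filter the controller applies is the sole XSS/open-redirect guard and deserves a test in this file too. For what it is worth, `&amp;` inside an `href` is decoded by the browser before navigation, so the raw-`&` requirement is a rendering preference rather than a functional need. The rendered hunk begins at `+seed();`, so the file header, namespace and the signature of the `loginAsPlatformAdmin()` helper are not visible here. I would add a mirror of the platform-orders negative test:

```php
    public function test_index_should_not_show_back_link_when_back_is_external_url(): void
    {
        $this->loginAsPlatformAdmin();

        $this->get('/admin/plans?back=' . urlencode('https://evil.example.com/?x=1&y=2'))
            ->assertOk()
            ->assertDontSee('返回上一页(保留上下文)');
    }
```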
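Review bot: The negative test `test_index_should_not_show_back_link_when_back_is_external_url` exercises a single shape, an absolute `https://` URL, while the assertion just above it (per the comment `关键护栏:必须是原样 &`) requires `back` to land in the attribute unescaped, so the controller-side allow-list is the only thing standing between the query string and the HTML. Protocol-relative `//evil.example.com`, backslash hosts, a `javascript:` scheme and a `"` that closes the attribute are the shapes an attacker would try, and nothing in the hunk shows they are rejected. I would turn the negative case into a data-provider test (with `use PHPUnit\Framework\Attributes\DataProvider;`) and additionally assert that the hostile payload itself never appears in the response. The hunk starts at `+seed();`, so the class header and the `loginAsPlatformAdmin()` signature are outside what is shown.

```php
    #[DataProvider('unsafeBackValues')]
    public function test_index_should_not_show_back_link_when_back_is_unsafe(string $back): void
    {
        $this->loginAsPlatformAdmin();

        $this->get('/admin/platform-orders?back=' . urlencode($back))
            ->assertOk()
            ->assertDontSee('返回上一页(保留上下文)')
            ->assertDontSee('evil.example.com', false)
            ->assertDontSee('onmouseover=', false);
    }

    public static function unsafeBackValues(): iterable
    {
        yield 'absolute https' => ['https://evil.example.com/?x=1&y=2'];
        yield 'protocol-relative' => ['//evil.example.com/'];
        yield 'backslash host' => ['/\\evil.example.com/'];
        yield 'javascript scheme' => ['javascript:alert(1)'];
        yield 'attribute break-out' => ['/admin/site-subscriptions?x=1" onmouseover="alert(1)'];
    }
```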
diff --git a/tests/Feature/AdminSiteSubscriptionIndexBackLinkNotEscapedTest.php b/tests/Feature/AdminSiteSubscriptionIndexBackLinkNotEscapedTest.php
new file mode 100644
index 0000000..abfbd9b
--- /dev/null
+++ b/tests/Feature/AdminSiteSubscriptionIndexBackLinkNotEscapedTest.php
@@ -0,0 +1,33 @@
+seed();
+
+ $this->post('/admin/login', [
+ 'email' => 'platform.admin@demo.local',
+ 'password' => 'Platform@123456',
+ ])->assertRedirect('/admin');
+ }
+
+ public function test_index_back_link_should_not_escape_ampersand(): void
+ {
+ $this->loginAsPlatformAdmin();
+
+ $back = '/admin/platform-orders?status=pending&keyword=test';
+
+ $this->get('/admin/site-subscriptions?back=' . urlencode($back))
+ ->assertOk()
+ ->assertSee('返回上一页(保留上下文)')
+ ->assertSee('href="' . $back . '"', false);
+ }
+}
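Review bot: The assertion `->assertSee('href="' . $back . '"', false)` switches escaping off on both sides: the `false` argument stops `assertSee` from running `e()` on the needle, and matching a raw `&` in the output can only succeed if the view emits `$back` without Blade's `{{ }}` escaping (presumably via `{!! !!}`, which is not visible here). The escaped serialization `href="/admin/platform-orders?status=pending&amp;keyword=test"` is decoded by the browser to the same URL, so if this test was written against a double-encoding symptom, the safer target that keeps the view escaped is `->assertSee('href="' . e($back) . '"', false)`. As written, the test also has no negative case, so nothing in this file shows that an off-site or `javascript:` `back` value is refused on the site-subscriptions page; the platform-orders file in this commit has one and it should be mirrored here. The hunk begins at `+seed();`, so the class header and the `loginAsPlatformAdmin()` signature are not shown.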