Browse Source
do not double encode the redirect url
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>tags/v11.0RC2
Christoph Wurst
7 years ago
3 changed files with 8 additions and 8 deletions
+ 1
- 1
lib/private/AppFramework/Middleware/Security/SecurityMiddleware.php
View File
| @@ -236,7 +236,7 @@ class SecurityMiddleware extends Middleware { | |||
| $url = $this->urlGenerator->linkToRoute( | |||
| 'core.login.showLoginForm', | |||
| [ | |||
| 'redirect_url' => urlencode($this->request->server['REQUEST_URI']), | |||
| 'redirect_url' => $this->request->server['REQUEST_URI'], | |||
| ] | |||
| ); | |||
| $response = new RedirectResponse($url); | |||
+ 1
- 1
lib/private/legacy/util.php
View File
| @@ -978,7 +978,7 @@ class OC_Util { | |||
| header('Location: ' . \OC::$server->getURLGenerator()->linkToRoute( | |||
| 'core.login.showLoginForm', | |||
| [ | |||
| 'redirect_url' => urlencode(\OC::$server->getRequest()->getRequestUri()), | |||
| 'redirect_url' => \OC::$server->getRequest()->getRequestUri(), | |||
| ] | |||
| ) | |||
| ); | |||
+ 6
- 6
tests/lib/AppFramework/Middleware/Security/SecurityMiddlewareTest.php
View File
| @@ -454,7 +454,7 @@ class SecurityMiddlewareTest extends \Test\TestCase { | |||
| 'server' => | |||
| [ | |||
| 'HTTP_ACCEPT' => 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8', | |||
| 'REQUEST_URI' => 'owncloud/index.php/apps/specialapp' | |||
| 'REQUEST_URI' => 'nextcloud/index.php/apps/specialapp' | |||
| ] | |||
| ], | |||
| $this->createMock(ISecureRandom::class), | |||
| @@ -467,10 +467,10 @@ class SecurityMiddlewareTest extends \Test\TestCase { | |||
| ->with( | |||
| 'core.login.showLoginForm', | |||
| [ | |||
| 'redirect_url' => 'owncloud%2Findex.php%2Fapps%2Fspecialapp', | |||
| 'redirect_url' => 'nextcloud/index.php/apps/specialapp', | |||
| ] | |||
| ) | |||
| ->will($this->returnValue('http://localhost/index.php/login?redirect_url=owncloud%2Findex.php%2Fapps%2Fspecialapp')); | |||
| ->will($this->returnValue('http://localhost/nextcloud/index.php/login?redirect_url=nextcloud/index.php/apps/specialapp')); | |||
| $this->logger | |||
| ->expects($this->once()) | |||
| ->method('debug') | |||
| @@ -480,7 +480,7 @@ class SecurityMiddlewareTest extends \Test\TestCase { | |||
| 'test', | |||
| new NotLoggedInException() | |||
| ); | |||
| $expected = new RedirectResponse('http://localhost/index.php/login?redirect_url=owncloud%2Findex.php%2Fapps%2Fspecialapp'); | |||
| $expected = new RedirectResponse('http://localhost/nextcloud/index.php/login?redirect_url=nextcloud/index.php/apps/specialapp'); | |||
| $this->assertEquals($expected , $response); | |||
| } | |||
| @@ -489,7 +489,7 @@ class SecurityMiddlewareTest extends \Test\TestCase { | |||
| [ | |||
| 'server' => [ | |||
| 'HTTP_ACCEPT' => 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8', | |||
| 'REQUEST_URI' => 'owncloud/index.php/apps/specialapp', | |||
| 'REQUEST_URI' => 'nextcloud/index.php/apps/specialapp', | |||
| ], | |||
| ], | |||
| $this->createMock(ISecureRandom::class), | |||
| @@ -535,7 +535,7 @@ class SecurityMiddlewareTest extends \Test\TestCase { | |||
| 'server' => | |||
| [ | |||
| 'HTTP_ACCEPT' => 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8', | |||
| 'REQUEST_URI' => 'owncloud/index.php/apps/specialapp' | |||
| 'REQUEST_URI' => 'nextcloud/index.php/apps/specialapp' | |||
| ] | |||
| ], | |||
| $this->createMock(ISecureRandom::class), | |||
Loading…