summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMorris Jobke <hey@morrisjobke.de>2019-01-23 18:29:18 +0100
committerGitHub <noreply@github.com>2019-01-23 18:29:18 +0100
commitd549954024144c6ac220edb757efea75fbaf17ff (patch)
tree7b687ebaa4102249a5a71c5aa58afe1ef6394bad
parent2767139ca9107b0aff9cfba0e9c0674011bedece (diff)
parente3de4edc51b5a7444f99f4b4ca5ce9f70b3b3e8c (diff)
downloadnextcloud-server-d549954024144c6ac220edb757efea75fbaf17ff.tar.gz
nextcloud-server-d549954024144c6ac220edb757efea75fbaf17ff.zip
Merge pull request #13766 from nextcloud/fix/13757/urlencode_requesttoken
Urlencode the requesttoken
-rw-r--r--lib/private/legacy/user.php2
-rw-r--r--tests/lib/NavigationManagerTest.php2
2 files changed, 2 insertions, 2 deletions
diff --git a/lib/private/legacy/user.php b/lib/private/legacy/user.php
index ab87c484db4..3d4dc5cc982 100644
--- a/lib/private/legacy/user.php
+++ b/lib/private/legacy/user.php
@@ -270,7 +270,7 @@ class OC_User {
}
$logoutUrl = $urlGenerator->linkToRouteAbsolute('core.login.logout');
- $logoutUrl .= '?requesttoken=' . \OCP\Util::callRegister();
+ $logoutUrl .= '?requesttoken=' . urlencode(\OCP\Util::callRegister());
return $logoutUrl;
}
diff --git a/tests/lib/NavigationManagerTest.php b/tests/lib/NavigationManagerTest.php
index 6649aba28b6..f552bd2eeed 100644
--- a/tests/lib/NavigationManagerTest.php
+++ b/tests/lib/NavigationManagerTest.php
@@ -270,7 +270,7 @@ class NavigationManagerTest extends TestCase {
'logout' => [
'id' => 'logout',
'order' => 99999,
- 'href' => 'https://example.com/logout?requesttoken='. \OCP\Util::callRegister(),
+ 'href' => 'https://example.com/logout?requesttoken='. urlencode(\OCP\Util::callRegister()),
'icon' => '/apps/core/img/actions/logout.svg',
'name' => 'Log out',
'active' => false,