diff options
| author | Marco Ziech <marco@ziech.net> | 2021-01-24 14:18:28 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-01-24 14:18:28 +0100 |
| commit | 4923c6be2537ff4c1fc4d4c9720cc65945854845 (patch) | |
| tree | ffe14a6d4523bcfbc165adbea8850848c0781c32 /lib | |
| parent | 48854f26a6c3aaa0fa6ee64d5e7ac2d2b677b3db (diff) | |
| download | nextcloud-server-4923c6be2537ff4c1fc4d4c9720cc65945854845.tar.gz nextcloud-server-4923c6be2537ff4c1fc4d4c9720cc65945854845.zip | |
Use RFC-compliant URL encoding for cookies
PHP 7.4.2 changed the way how cookies are decoded, applying RFC-compliant raw URL decoding. This leads to a conflict Nextcloud's own cookie encoding, breaking the remember-me function if the UID contains a space character.
Fixes #24438
Signed-off-by: Marco Ziech <marco@ziech.net>
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/private/Http/CookieHelper.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/private/Http/CookieHelper.php b/lib/private/Http/CookieHelper.php index f7b871c5001..122f4907b2a 100644 --- a/lib/private/Http/CookieHelper.php +++ b/lib/private/Http/CookieHelper.php @@ -43,7 +43,7 @@ class CookieHelper { $header = sprintf( 'Set-Cookie: %s=%s', $name, - urlencode($value) + rawurlencode($value) ); if ($path !== '') { |