diff options
| author | Thomas Müller <thomas.mueller@tmit.eu> | 2015-02-19 16:20:41 +0100 |
|---|---|---|
| committer | Thomas Müller <thomas.mueller@tmit.eu> | 2015-02-19 16:20:41 +0100 |
| commit | bdc503b03d2f7baa2f0ac9a64264b29c7da83a92 (patch) | |
| tree | 1347dcfebfc88272a452004f218e08fd5e7a105d /settings | |
| parent | 7cd3f17d9c4d32e7b895c3fb7160ded5d785db3a (diff) | |
| parent | 0ea6de2f8c3465ae87e5a131dfe0a8d66e1dcc5d (diff) | |
| download | nextcloud-server-bdc503b03d2f7baa2f0ac9a64264b29c7da83a92.tar.gz nextcloud-server-bdc503b03d2f7baa2f0ac9a64264b29c7da83a92.zip | |
Merge pull request #14295 from owncloud/encode-request-token-for-avatars
Encode Requesttoken for avatars
Diffstat (limited to 'settings')
| -rw-r--r-- | settings/js/personal.js | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/settings/js/personal.js b/settings/js/personal.js index 0cf0cd81a7b..1202d9743d2 100644 --- a/settings/js/personal.js +++ b/settings/js/personal.js @@ -110,7 +110,7 @@ function showAvatarCropper () { var $cropperImage = $('#cropper img'); $cropperImage.attr('src', - OC.generateUrl('/avatar/tmp') + '?requesttoken=' + oc_requesttoken + '#' + Math.floor(Math.random() * 1000)); + OC.generateUrl('/avatar/tmp') + '?requesttoken=' + encodeURIComponent(oc_requesttoken) + '#' + Math.floor(Math.random() * 1000)); // Looks weird, but on('load', ...) doesn't work in IE8 $cropperImage.ready(function () { @@ -311,7 +311,7 @@ $(document).ready(function () { var url = OC.generateUrl( '/avatar/{user}/{size}', {user: OC.currentUser, size: 1} - ) + '?requesttoken=' + oc_requesttoken; + ) + '?requesttoken=' + encodeURIComponent(oc_requesttoken); $.get(url, function (result) { if (typeof(result) === 'object') { $('#removeavatar').hide(); |