diff options
| author | Lukas Reschke <lukas@owncloud.com> | 2015-02-17 15:25:38 +0100 |
|---|---|---|
| committer | Lukas Reschke <lukas@owncloud.com> | 2015-02-17 15:25:38 +0100 |
| commit | 0ea6de2f8c3465ae87e5a131dfe0a8d66e1dcc5d (patch) | |
| tree | 45ce0fea640522d23912c2015d355ec7ecdc0f97 /settings | |
| parent | 8e6a7350f9aaad05701bfd77d21d912c6e4ce13d (diff) | |
| download | nextcloud-server-0ea6de2f8c3465ae87e5a131dfe0a8d66e1dcc5d.tar.gz nextcloud-server-0ea6de2f8c3465ae87e5a131dfe0a8d66e1dcc5d.zip | |
Encode Requesttoken for avatars
Fixes new avatar selection in master half, other half will work when https://github.com/owncloud/core/pull/14266 has get merged.
Shocking to see how much places in our code do it wrong :gun:
Diffstat (limited to 'settings')
| -rw-r--r-- | settings/js/personal.js | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/settings/js/personal.js b/settings/js/personal.js index 0cf0cd81a7b..1202d9743d2 100644 --- a/settings/js/personal.js +++ b/settings/js/personal.js @@ -110,7 +110,7 @@ function showAvatarCropper () { var $cropperImage = $('#cropper img'); $cropperImage.attr('src', - OC.generateUrl('/avatar/tmp') + '?requesttoken=' + oc_requesttoken + '#' + Math.floor(Math.random() * 1000)); + OC.generateUrl('/avatar/tmp') + '?requesttoken=' + encodeURIComponent(oc_requesttoken) + '#' + Math.floor(Math.random() * 1000)); // Looks weird, but on('load', ...) doesn't work in IE8 $cropperImage.ready(function () { @@ -311,7 +311,7 @@ $(document).ready(function () { var url = OC.generateUrl( '/avatar/{user}/{size}', {user: OC.currentUser, size: 1} - ) + '?requesttoken=' + oc_requesttoken; + ) + '?requesttoken=' + encodeURIComponent(oc_requesttoken); $.get(url, function (result) { if (typeof(result) === 'object') { $('#removeavatar').hide(); |