From 0ebffa4a5fb8f3fe1f220fd4c5bf3897a45557dd Mon Sep 17 00:00:00 2001 From: Christoph Wurst Date: Wed, 9 Nov 2016 16:14:46 +0100 Subject: do not double encode the redirect url Signed-off-by: Christoph Wurst --- .../AppFramework/Middleware/Security/SecurityMiddleware.php | 2 +- lib/private/legacy/util.php | 2 +- .../Middleware/Security/SecurityMiddlewareTest.php | 12 ++++++------ 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/lib/private/AppFramework/Middleware/Security/SecurityMiddleware.php b/lib/private/AppFramework/Middleware/Security/SecurityMiddleware.php index 183e55740ea..01a575c27c4 100644 --- a/lib/private/AppFramework/Middleware/Security/SecurityMiddleware.php +++ b/lib/private/AppFramework/Middleware/Security/SecurityMiddleware.php @@ -236,7 +236,7 @@ class SecurityMiddleware extends Middleware { $url = $this->urlGenerator->linkToRoute( 'core.login.showLoginForm', [ - 'redirect_url' => urlencode($this->request->server['REQUEST_URI']), + 'redirect_url' => $this->request->server['REQUEST_URI'], ] ); $response = new RedirectResponse($url); diff --git a/lib/private/legacy/util.php b/lib/private/legacy/util.php index 5cd92eaa415..f174276945e 100644 --- a/lib/private/legacy/util.php +++ b/lib/private/legacy/util.php @@ -978,7 +978,7 @@ class OC_Util { header('Location: ' . \OC::$server->getURLGenerator()->linkToRoute( 'core.login.showLoginForm', [ - 'redirect_url' => urlencode(\OC::$server->getRequest()->getRequestUri()), + 'redirect_url' => \OC::$server->getRequest()->getRequestUri(), ] ) ); diff --git a/tests/lib/AppFramework/Middleware/Security/SecurityMiddlewareTest.php b/tests/lib/AppFramework/Middleware/Security/SecurityMiddlewareTest.php index 1fdcf485c28..da033001508 100644 --- a/tests/lib/AppFramework/Middleware/Security/SecurityMiddlewareTest.php +++ b/tests/lib/AppFramework/Middleware/Security/SecurityMiddlewareTest.php @@ -454,7 +454,7 @@ class SecurityMiddlewareTest extends \Test\TestCase { 'server' => [ 'HTTP_ACCEPT' => 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8', - 'REQUEST_URI' => 'owncloud/index.php/apps/specialapp' + 'REQUEST_URI' => 'nextcloud/index.php/apps/specialapp' ] ], $this->createMock(ISecureRandom::class), @@ -467,10 +467,10 @@ class SecurityMiddlewareTest extends \Test\TestCase { ->with( 'core.login.showLoginForm', [ - 'redirect_url' => 'owncloud%2Findex.php%2Fapps%2Fspecialapp', + 'redirect_url' => 'nextcloud/index.php/apps/specialapp', ] ) - ->will($this->returnValue('http://localhost/index.php/login?redirect_url=owncloud%2Findex.php%2Fapps%2Fspecialapp')); + ->will($this->returnValue('http://localhost/nextcloud/index.php/login?redirect_url=nextcloud/index.php/apps/specialapp')); $this->logger ->expects($this->once()) ->method('debug') @@ -480,7 +480,7 @@ class SecurityMiddlewareTest extends \Test\TestCase { 'test', new NotLoggedInException() ); - $expected = new RedirectResponse('http://localhost/index.php/login?redirect_url=owncloud%2Findex.php%2Fapps%2Fspecialapp'); + $expected = new RedirectResponse('http://localhost/nextcloud/index.php/login?redirect_url=nextcloud/index.php/apps/specialapp'); $this->assertEquals($expected , $response); } @@ -489,7 +489,7 @@ class SecurityMiddlewareTest extends \Test\TestCase { [ 'server' => [ 'HTTP_ACCEPT' => 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8', - 'REQUEST_URI' => 'owncloud/index.php/apps/specialapp', + 'REQUEST_URI' => 'nextcloud/index.php/apps/specialapp', ], ], $this->createMock(ISecureRandom::class), @@ -535,7 +535,7 @@ class SecurityMiddlewareTest extends \Test\TestCase { 'server' => [ 'HTTP_ACCEPT' => 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8', - 'REQUEST_URI' => 'owncloud/index.php/apps/specialapp' + 'REQUEST_URI' => 'nextcloud/index.php/apps/specialapp' ] ], $this->createMock(ISecureRandom::class), -- cgit v1.2.3