Escape values in URI (#1025)
This commit is contained in:
parent
a8ecd8f76a
commit
7be4088df1
|
@ -9,9 +9,10 @@ package Lemonldap::NG::Portal::IssuerDBGet;
|
|||
use strict;
|
||||
use Lemonldap::NG::Portal::Simple;
|
||||
use MIME::Base64;
|
||||
use URI::Escape;
|
||||
use base qw(Lemonldap::NG::Portal::_LibAccess);
|
||||
|
||||
our $VERSION = '1.9.3';
|
||||
our $VERSION = '2.0.0';
|
||||
|
||||
## @method void issuerDBInit()
|
||||
# Nothing to do
|
||||
|
@ -74,7 +75,6 @@ sub issuerForUnAuthUser {
|
|||
return PE_OK;
|
||||
}
|
||||
|
||||
|
||||
## @apmethod int issuerForAuthUser()
|
||||
# Manage Get request for authenticated user
|
||||
# @return Lemonldap::NG::Portal error code
|
||||
|
@ -170,6 +170,7 @@ sub computeGetParams {
|
|||
if ( exists $self->{issuerDBGetParameters} ) {
|
||||
my $issuerDBGetParameters = $self->{issuerDBGetParameters};
|
||||
foreach my $vhost ( keys %$issuerDBGetParameters ) {
|
||||
|
||||
# if vhost is matching
|
||||
if ( index( $self->{urldc}, $vhost ) != -1 ) {
|
||||
my $params = $issuerDBGetParameters->{$vhost};
|
||||
|
@ -184,8 +185,10 @@ sub computeGetParams {
|
|||
$value = eval($val);
|
||||
$self->lmLog( "Error while evaluating $val: $@", 'warn' )
|
||||
if $@;
|
||||
|
||||
# Chain GET parameters unless there are evaluation errors
|
||||
$getVars .= "&".$param."=".$value unless $@;
|
||||
$getVars .= "&" . $param . "=" . uri_escape($value)
|
||||
unless $@;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -198,10 +201,13 @@ sub computeGetParams {
|
|||
if ( $getVars ne "" ) {
|
||||
my $urldc = $self->{urldc};
|
||||
|
||||
$urldc .= ( $urldc =~ /\?\w/ ) ?
|
||||
$urldc .= ( $urldc =~ /\?\w/ )
|
||||
?
|
||||
|
||||
# there are already get variables
|
||||
"&" . $getVars
|
||||
:
|
||||
|
||||
# there are no get variables
|
||||
"?" . $getVars;
|
||||
$self->{urldc} = $urldc;
|
||||
|
@ -209,7 +215,6 @@ sub computeGetParams {
|
|||
|
||||
}
|
||||
|
||||
|
||||
sub substitute {
|
||||
my $expr = shift;
|
||||
|
||||
|
@ -224,10 +229,6 @@ sub substitute {
|
|||
return $expr;
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
1;
|
||||
|
||||
__END__
|
||||
|
|
Loading…
Reference in New Issue
Block a user