You are here: Foswiki>Tasks Web>Item10505 (17 Dec 2011, GeorgeClark)Edit Attach

Item10505: Double encoding of formfields when redirected through login

Priority: Normal
Current State: Closed
Released In: 1.1.4
Target Release: patch
Applies To: Engine
Component: DataForms, UrlHandling
Reported By: GeorgeClark
Waiting For:
Last Change By: GeorgeClark
Visit System/PerlDoc without a session, and submit a module - Foswiki::Func.

URL becomes

Click Login - URL becomes

Note that the %3A has been encoded to %25%3A

Complete login, Module field has been corrupted to Foswiki%3A%3AFunc

If this were to happen on a longer more complex form with the fields out of view, it seems as though the user could then submit the form and corrupt data without realizing that the form field had changed.

-- GeorgeClark - 18 Mar 2011

With me URL params also get double encoded with form data (not only form fields) after Foswiki::Func::redirectCgiQuery.

-- ArthurClemens - 26 Apr 2011

This appears to have been fixed somewhere along the way in 1.1.4. Marking as waiting for release.

-- GeorgeClark - 03 Nov 2011

ItemTemplate edit

Summary Double encoding of formfields when redirected through login
ReportedBy GeorgeClark
Codebase 1.1.3, trunk
SVN Range
AppliesTo Engine
Component DataForms, UrlHandling
Priority Normal
CurrentState Closed
TargetRelease patch
ReleasedIn 1.1.4
Topic revision: r5 - 17 Dec 2011, GeorgeClark
The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. See Copyright Statement. Creative Commons License    Legal Imprint    Privacy Policy