Item13903: Redirect for authentication breaks utf8 topic names.

• Login with a user that does not have create access on a web.
• Create a topic using a utf-8 name eg. AaŽuŽu
• Oops screen reports "To login as another user please do so here." ... click the "here" link, with redirects to the Login page:

  • http://mytestsite/bin/login/Aaaronsweb/Aa%C5%BDu%C5%BDu?foswiki_origin=GET%2cedit%2c/bin/edit/Aaaronsweb/%3ft%3d1451019284%26onlynewtopic%3don%26topic%3dAa%25C5%25BDu%25C5%25BDu%26onlywikiname%3don%26topicparent%3dWebHome%26templatetopic%3d

  • Login as admin
  • Which reports a new oops Attention, WebHome already exists.

  • http://mytestsite/bin/edit/Aaaronsweb/?validation_key=bf3100ae9119b1e6e476e222718f4ce7;t=1451019284;onlynewtopic=on;topic=Aa%25C5%25BDu%25C5%25BDu;onlywikiname=on;topicparent=WebHome;templatetopic=

-- GeorgeClark - 25 Dec 2015

It appears that the URL has been URL-encoded a 2nd time. So the encoded UTF-8 characters %C5%BD were transformed to %25C5%25BD

-- GeorgeClark - 25 Dec 2015

I have a fix, but it doesn't "feel right". The LoginManager in the _packRequest utility needs to urlDecode the uri before packing it, so that it isn't double encoded.

diff --git a/core/lib/Foswiki/LoginManager/TemplateLogin.pm b/core/lib/Foswiki/LoginManager/TemplateLogin.pm
index c28134e..f96361a 100755
--- a/core/lib/Foswiki/LoginManager/TemplateLogin.pm
+++ b/core/lib/Foswiki/LoginManager/TemplateLogin.pm
@@ -61,6 +61,7 @@ sub _packRequest {
     if ( ref($uri) ) {    # first parameter is a $session
         my $r = $uri->{request};
         $uri    = $r->uri();
+        $uri    = Foswiki::urlDecode( $uri );
         $method = $r->method() || 'UNDEFINED';
         $action = $r->action();
     }

-- GeorgeClark - 25 Dec 2015

Yup, that looks spot on. I couldn't find the right place to do this myself, but this looks right.

-- Main.CrawfordCurrie - 28 Dec 2015 - 07:30

Commenting is disabled while not logged in