Issue 14295: Store the return url as hex string

author Michael <heluecht@pirati.ca>

Sun, 14 Jul 2024 11:14:37 +0000 (11:14 +0000)

committer Michael <heluecht@pirati.ca>

Sun, 14 Jul 2024 11:14:37 +0000 (11:14 +0000)
author Michael <heluecht@pirati.ca>
Sun, 14 Jul 2024 11:14:37 +0000 (11:14 +0000)
committer Michael <heluecht@pirati.ca>
Sun, 14 Jul 2024 11:14:37 +0000 (11:14 +0000)
diff --git a/src/Content/Text/HTML.php b/src/Content/Text/HTML.php

index 587c608de91297d69ea46ad4431851370fcc6860..1a78036cbda6811a634a2d6f0f2d571ca3d6e5a4 100644 (file)
--- a/src/Content/Text/HTML.php
+++ b/src/Content/Text/HTML.php
@@ -868,7 +868,7 @@ class HTML
                         '$save_label'   => $save_label,
                         '$search_hint'  => DI::l10n()->t('@name, !group, #tags, content'),
                         '$mode'         => $mode,
-                       '$return_url'   => urlencode(Search::getSearchPath($s)),
+                       '$return_url'   => bin2hex(Search::getSearchPath($s)),
                 ];
  
                 if (!$aside) {
diff --git a/src/Content/Widget/SavedSearches.php b/src/Content/Widget/SavedSearches.php

index d0917e7cb64a29300b257c9e21d309265de01321..6881b0449af2b127397dc3c0b90ce6afdf4bfa5b 100644 (file)
--- a/src/Content/Widget/SavedSearches.php
+++ b/src/Content/Widget/SavedSearches.php
@@ -61,7 +61,7 @@ class SavedSearches
                         '$add'        => '',
                         '$searchbox'  => '',
                         '$saved'      => $saved,
-                       '$return_url' => urlencode($return_url),
+                       '$return_url' => bin2hex($return_url),
                 ]);
         }
  }
diff --git a/src/Module/Post/Tag/Remove.php b/src/Module/Post/Tag/Remove.php

index 9636cbba27f2789d0ef57e254ff32f1e0af5d746..f021bad3f9ef0a2a6b9715768dc6c27fbcd67018 100644 (file)
--- a/src/Module/Post/Tag/Remove.php
+++ b/src/Module/Post/Tag/Remove.php
@@ -68,7 +68,7 @@ class Remove extends \Friendica\BaseModule
  
         protected function content(array $request = []): string
         {
-               $returnUrl = $request['return'] ?? '';
+               $returnUrl = hex2bin($request['return'] ?? '');
  
                 if (!$this->session->getLocalUserId()) {
                         $this->baseUrl->redirect($returnUrl);
diff --git a/src/Module/Search/Saved.php b/src/Module/Search/Saved.php

index bbe1757e46ca113f68c68dd7b20660a36613dbff..9bef4d6ba55ba47d0b90957f0d69ce097c5ef06b 100644 (file)
--- a/src/Module/Search/Saved.php
+++ b/src/Module/Search/Saved.php
@@ -48,7 +48,11 @@ class Saved extends BaseModule
                 $action = $this->args->get(2, 'none');
                 $search = trim(rawurldecode($_GET['term'] ?? ''));
  
-               $return_url = $_GET['return_url'] ?? Search::getSearchPath($search);
+               if (!empty($_GET['return_url'])) {
+                       $return_url = hex2bin($_GET['return_url']);
+               } else {
+                       $return_url = Search::getSearchPath($search);
+               }
  
                 if (DI::userSession()->getLocalUserId() && $search) {
                         switch ($action) {
author	Michael <heluecht@pirati.ca>
	Sun, 14 Jul 2024 11:14:37 +0000 (11:14 +0000)
committer	Michael <heluecht@pirati.ca>
	Sun, 14 Jul 2024 11:14:37 +0000 (11:14 +0000)
src/Content/Text/HTML.php		patch \| blob \| history
src/Content/Widget/SavedSearches.php		patch \| blob \| history
src/Module/Post/Tag/Remove.php		patch \| blob \| history
src/Module/Search/Saved.php		patch \| blob \| history