OAuth bits sent in query_string to MyApps are not urlencoded
Bug #1504548 reported by
Natalia Bidart
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Canonical System Image |
Fix Released
|
High
|
Alejandro J. Cura |
Bug Description
Hello!
In MyApps we have noticed some requests coming from pay-ui look like this:
As you can see, there is a / in the query string that should be encoded. This affects signature validation in SSO, which as of today has a workaround to urlencode parameters before validating, but we like to eventually remove once pay-ui is fixed and no more issues are detected in our logs.
Thanks!
Related branches
lp:~dobey/pay-ui/escape-signed-query
- Charles Kerr (community): Approve
- PS Jenkins bot (community): Approve (continuous-integration)
-
Diff: 76 lines (+20/-3)3 files modifiedbackend/modules/payui/network.cpp (+11/-3)
backend/modules/payui/network.h (+1/-0)
backend/tests/test_network.cpp (+8/-0)
description: | updated |
Changed in pay-ui: | |
assignee: | nobody → Rodney Dawes (dobey) |
status: | New → In Progress |
importance: | Undecided → High |
Changed in canonical-devices-system-image: | |
assignee: | nobody → Alejandro J. Cura (alecu) |
status: | New → In Progress |
importance: | Undecided → High |
milestone: | none → ww02-2016 |
Changed in pay-ui: | |
status: | Fix Committed → Fix Released |
Changed in canonical-devices-system-image: | |
status: | In Progress → Fix Committed |
Changed in canonical-devices-system-image: | |
status: | Fix Committed → Fix Released |
To post a comment you must log in.
Fix committed into lp:pay-ui at revision 138, scheduled for release in pay-ui, milestone Unknown