* [PATCH yew-comp] fix #7290: url decode code value in openid redirection authorization
@ 2026-02-24 13:54 Shannon Sterz
0 siblings, 0 replies; only message in thread
From: Shannon Sterz @ 2026-02-24 13:54 UTC (permalink / raw)
To: yew-devel
this should fix a bug that broke compatability with google's oauth
implementation, which seems to regularly use values requiring url
encoding.
Signed-off-by: Shannon Sterz <s.sterz@proxmox.com>
---
tested this against google's o auth provider following this guide:
https://chriscolotti.us/technology/using-google-workspace-oauth-with-proxmox/
set the "Authorized JavaScript origins" and "Authorized redirect URIs"
to "https://pdm-test.erna.proxmox.com:8443" and added a line to my
`/etc/hosts` to make that name resolution work as intended.
src/utils/mod.rs | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/utils/mod.rs b/src/utils/mod.rs
index 600e436..c007286 100644
--- a/src/utils/mod.rs
+++ b/src/utils/mod.rs
@@ -258,7 +258,9 @@ pub fn openid_redirection_authorization() -> Option<HashMap<String, String>> {
match (key_value.next(), key_value.next()) {
(Some("?code") | Some("code"), Some(value)) => {
- auth.insert("code".to_string(), value.to_string());
+ if let Ok(code) = percent_decode(value.as_bytes()).decode_utf8() {
+ auth.insert("code".to_string(), code.to_string());
+ }
}
(Some("?state") | Some("state"), Some(value)) => {
if let Ok(decoded) = percent_decode(value.as_bytes()).decode_utf8() {
--
2.47.3
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2026-02-24 13:54 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2026-02-24 13:54 [PATCH yew-comp] fix #7290: url decode code value in openid redirection authorization Shannon Sterz
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.