From: "Shannon Sterz" <s.sterz@proxmox.com>
To: "Shannon Sterz" <s.sterz@proxmox.com>
Cc: yew-devel@lists.proxmox.com
Subject: Re: [PATCH yew-comp] fix #7290: url decode code value in openid redirection authorization
Date: Thu, 19 Mar 2026 14:01:05 +0100 [thread overview]
Message-ID: <DH6S0WUANGGO.EYMZS3TAWOEL@proxmox.com> (raw)
In-Reply-To: <20260224135428.234018-1-s.sterz@proxmox.com>
for reference this was applied:
https://git.proxmox.com/?p=ui/proxmox-yew-comp.git;a=commit;h=38cf08ad2d8a13645c37be10b2062f33a2ac66f4
On Tue Feb 24, 2026 at 2:54 PM CET, Shannon Sterz wrote:
> this should fix a bug that broke compatability with google's oauth
> implementation, which seems to regularly use values requiring url
> encoding.
>
> Signed-off-by: Shannon Sterz <s.sterz@proxmox.com>
> ---
>
> tested this against google's o auth provider following this guide:
>
> https://chriscolotti.us/technology/using-google-workspace-oauth-with-proxmox/
>
> set the "Authorized JavaScript origins" and "Authorized redirect URIs"
> to "https://pdm-test.erna.proxmox.com:8443" and added a line to my
> `/etc/hosts` to make that name resolution work as intended.
>
> src/utils/mod.rs | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/src/utils/mod.rs b/src/utils/mod.rs
> index 600e436..c007286 100644
> --- a/src/utils/mod.rs
> +++ b/src/utils/mod.rs
> @@ -258,7 +258,9 @@ pub fn openid_redirection_authorization() -> Option<HashMap<String, String>> {
>
> match (key_value.next(), key_value.next()) {
> (Some("?code") | Some("code"), Some(value)) => {
> - auth.insert("code".to_string(), value.to_string());
> + if let Ok(code) = percent_decode(value.as_bytes()).decode_utf8() {
> + auth.insert("code".to_string(), code.to_string());
> + }
> }
> (Some("?state") | Some("state"), Some(value)) => {
> if let Ok(decoded) = percent_decode(value.as_bytes()).decode_utf8() {
> --
> 2.47.3
prev parent reply other threads:[~2026-03-19 13:01 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-02-24 13:54 Shannon Sterz
2026-03-19 13:01 ` Shannon Sterz [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=DH6S0WUANGGO.EYMZS3TAWOEL@proxmox.com \
--to=s.sterz@proxmox.com \
--cc=yew-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.