* [PATCH yew-comp] fix #7290: url decode code value in openid redirection authorization
@ 2026-02-24 13:54 Shannon Sterz
2026-03-19 13:01 ` Shannon Sterz
0 siblings, 1 reply; 2+ messages in thread
From: Shannon Sterz @ 2026-02-24 13:54 UTC (permalink / raw)
To: yew-devel
this should fix a bug that broke compatability with google's oauth
implementation, which seems to regularly use values requiring url
encoding.
Signed-off-by: Shannon Sterz <s.sterz@proxmox.com>
---
tested this against google's o auth provider following this guide:
https://chriscolotti.us/technology/using-google-workspace-oauth-with-proxmox/
set the "Authorized JavaScript origins" and "Authorized redirect URIs"
to "https://pdm-test.erna.proxmox.com:8443" and added a line to my
`/etc/hosts` to make that name resolution work as intended.
src/utils/mod.rs | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/utils/mod.rs b/src/utils/mod.rs
index 600e436..c007286 100644
--- a/src/utils/mod.rs
+++ b/src/utils/mod.rs
@@ -258,7 +258,9 @@ pub fn openid_redirection_authorization() -> Option<HashMap<String, String>> {
match (key_value.next(), key_value.next()) {
(Some("?code") | Some("code"), Some(value)) => {
- auth.insert("code".to_string(), value.to_string());
+ if let Ok(code) = percent_decode(value.as_bytes()).decode_utf8() {
+ auth.insert("code".to_string(), code.to_string());
+ }
}
(Some("?state") | Some("state"), Some(value)) => {
if let Ok(decoded) = percent_decode(value.as_bytes()).decode_utf8() {
--
2.47.3
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [PATCH yew-comp] fix #7290: url decode code value in openid redirection authorization
2026-02-24 13:54 [PATCH yew-comp] fix #7290: url decode code value in openid redirection authorization Shannon Sterz
@ 2026-03-19 13:01 ` Shannon Sterz
0 siblings, 0 replies; 2+ messages in thread
From: Shannon Sterz @ 2026-03-19 13:01 UTC (permalink / raw)
To: Shannon Sterz; +Cc: yew-devel
for reference this was applied:
https://git.proxmox.com/?p=ui/proxmox-yew-comp.git;a=commit;h=38cf08ad2d8a13645c37be10b2062f33a2ac66f4
On Tue Feb 24, 2026 at 2:54 PM CET, Shannon Sterz wrote:
> this should fix a bug that broke compatability with google's oauth
> implementation, which seems to regularly use values requiring url
> encoding.
>
> Signed-off-by: Shannon Sterz <s.sterz@proxmox.com>
> ---
>
> tested this against google's o auth provider following this guide:
>
> https://chriscolotti.us/technology/using-google-workspace-oauth-with-proxmox/
>
> set the "Authorized JavaScript origins" and "Authorized redirect URIs"
> to "https://pdm-test.erna.proxmox.com:8443" and added a line to my
> `/etc/hosts` to make that name resolution work as intended.
>
> src/utils/mod.rs | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/src/utils/mod.rs b/src/utils/mod.rs
> index 600e436..c007286 100644
> --- a/src/utils/mod.rs
> +++ b/src/utils/mod.rs
> @@ -258,7 +258,9 @@ pub fn openid_redirection_authorization() -> Option<HashMap<String, String>> {
>
> match (key_value.next(), key_value.next()) {
> (Some("?code") | Some("code"), Some(value)) => {
> - auth.insert("code".to_string(), value.to_string());
> + if let Ok(code) = percent_decode(value.as_bytes()).decode_utf8() {
> + auth.insert("code".to_string(), code.to_string());
> + }
> }
> (Some("?state") | Some("state"), Some(value)) => {
> if let Ok(decoded) = percent_decode(value.as_bytes()).decode_utf8() {
> --
> 2.47.3
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2026-03-19 13:01 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2026-02-24 13:54 [PATCH yew-comp] fix #7290: url decode code value in openid redirection authorization Shannon Sterz
2026-03-19 13:01 ` Shannon Sterz
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.