* [PATCH yew-comp] fix #7290: url decode code value in openid redirection authorization
@ 2026-02-24 13:54 Shannon Sterz
0 siblings, 0 replies; only message in thread
From: Shannon Sterz @ 2026-02-24 13:54 UTC (permalink / raw)
To: yew-devel
this should fix a bug that broke compatability with google's oauth
implementation, which seems to regularly use values requiring url
encoding.
Signed-off-by: Shannon Sterz <s.sterz@proxmox.com>
---
tested this against google's o auth provider following this guide:
https://chriscolotti.us/technology/using-google-workspace-oauth-with-proxmox/
set the "Authorized JavaScript origins" and "Authorized redirect URIs"
to "https://pdm-test.erna.proxmox.com:8443" and added a line to my
`/etc/hosts` to make that name resolution work as intended.
src/utils/mod.rs | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/utils/mod.rs b/src/utils/mod.rs
index 600e436..c007286 100644
--- a/src/utils/mod.rs
+++ b/src/utils/mod.rs
@@ -258,7 +258,9 @@ pub fn openid_redirection_authorization() -> Option<HashMap<String, String>> {
match (key_value.next(), key_value.next()) {
(Some("?code") | Some("code"), Some(value)) => {
- auth.insert("code".to_string(), value.to_string());
+ if let Ok(code) = percent_decode(value.as_bytes()).decode_utf8() {
+ auth.insert("code".to_string(), code.to_string());
+ }
}
(Some("?state") | Some("state"), Some(value)) => {
if let Ok(decoded) = percent_decode(value.as_bytes()).decode_utf8() {
--
2.47.3
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2026-02-24 13:54 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2026-02-24 13:54 [PATCH yew-comp] fix #7290: url decode code value in openid redirection authorization Shannon Sterz
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox