Skip to content

Commit

Permalink
Fix to correctly handle save and save and next buttons
Browse files Browse the repository at this point in the history
  • Loading branch information
@iliajie
iliajie committed Apr 17, 2024
1 parent 6f1b0db commit e2cf926
Showing 1 changed file with 5 additions and 4 deletions.
9 changes: 5 additions & 4 deletions config-lib.pl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -428,21 +428,22 @@ sub hidden_config_cparams
sub link_config_cparams
{
my ($m, $in, $keep) = @_;
my $url = "/$m";
my $url = "/$m/";
my @w;
if ($in->{'_cscript'}) {
if ($keep) {
$url .= "/".$in->{'_cscript'};
push(@w, "_cscript=".&urlize(&un_urlize($in->{'_cscript'})));
}
else {
push(@w, "_cscript=".&urlize($in->{'_cscript'}));
$url .= $in->{'_cscript'};
}
}
foreach my $k (keys %$in) {
if ($k =~ /^_cparam_(.*)$/) {
$n = $1;
foreach my $v (split(/\0/, $in{$k})) {
push(@w, &urlize($keep ? $k : $n)."=".&urlize($v));
push(@w, &urlize($keep ? &un_urlize($k) :

This comment has been minimized.

Sign in to view

Copy link
@jcameron

jcameron Apr 17, 2024

Collaborator

Hang on, what are these extra calls to un_urlize for??

This comment has been minimized.

Sign in to view

Copy link
@iliajie

iliajie Apr 17, 2024

Author Collaborator

When you click Save and Next button a few times, URL params get double encoded, and it breaks everything.

This comment has been minimized.

Sign in to view

Copy link
@jcameron

jcameron Apr 17, 2024

Collaborator

I don't see this, at least not with the old theme. Which module did you see it in?

This comment has been minimized.

Sign in to view

Copy link
@iliajie

iliajie Apr 17, 2024

Author Collaborator

Both themes are affected. Any module. I tried with Users and Groups module. Try adding extra few params to the config button, enter module config, and click around, then click Save and Next a few times and then Save button.

This comment has been minimized.

Sign in to view

Copy link
@jcameron

jcameron Apr 18, 2024

Collaborator

The fix around like 435 is definitely needed, but I am not seeing double-encoding anywhere. What's the exact sequence of clicks?

This comment has been minimized.

Sign in to view

Copy link
@iliajie

iliajie Apr 18, 2024

Author Collaborator

I tried with:

/useradmin/index.cgi?yyyy2-2=2&xxxx+qqqqq1=ab-cd-12

But I have re-ran tests and it appears that the bug was caused by the other issue that was fixed earlier. There is no need to run extra un_urlize. I have fixed that 73150b7.

This comment has been minimized.

Sign in to view

Copy link
@jcameron

jcameron Apr 19, 2024

Collaborator

Great thanks!
&un_urlize($n))."=".&urlize(&un_urlize($v)));
}
}
}
Expand Down

0 comments on commit e2cf926

Please sign in to comment.