[Tickets #14148] Re: vacation, spam & forward double encoding
noreply at bugs.horde.org
noreply at bugs.horde.org
Mon Nov 2 19:32:10 UTC 2015
BITTE NICHT AUF DIESE NACHRICHT ANTWORTEN. NACHRICHTEN AN DIESE
E-MAIL-ADRESSE WERDEN NICHT GELESEN.
Ticket-URL: https://bugs.horde.org/ticket/14148
------------------------------------------------------------------------------
Ticket | 14148
Aktualisiert Von | Jan Schneider <jan at horde.org>
Zusammenfassung | vacation, spam & forward double encoding
Warteschlange | Horde Framework Packages
Typ | Bug
Status | Feedback
Priorität | 1. Low
Milestone |
Patch |
Zuständige | Michael Rubinsky
------------------------------------------------------------------------------
Jan Schneider <jan at horde.org> (2015-11-02 20:32) hat geschrieben:
> I guess what we actually need to do is add the session id to the
> form, and not allow Horde:url to append it so we can still get a
> "clean" url.
Nope, this doesn't change anything, beside that it may happen that the
URL only contains a single parameter now, so there's no ampersand to
be double encoded. But as soon as one of these gets another parameter,
it's broken again.
Adding the session id as a form field is still better though. Actually
we shouldn't use parameters in the action URL at all, technically,
since these are POST forms, not GET forms. There is no browser that
would choke on this behaviour though.
More information about the bugs
mailing list