Add URL encoding to TOTP QR code URL

Add RFC 3986 URI encoding to the account label in accordance with the Google Authenticator specification to ensure the QR code is properly generated for usernames with special characters in them. Bug: T136269 Change-Id: I18175c9a3c9a45346fa7a227a5209194385c6696
2024-11-12 09:37:23 +00:00 · 2016-05-26 12:17:00 -04:00 · 2016-05-26 12:17:00 -04:00 · 7b8a68fd5a
parent 079877734c
commit 7b8a68fd5a
1 changed files with 3 additions and 3 deletions
--- a/special/SpecialOATHEnable.php
+++ b/special/SpecialOATHEnable.php
@ -82,9 +82,9 @@ class SpecialOATHEnable extends FormSpecialPage {
 				array( 'ext.oathauth' ),
 				new XmlJsCode(
 					'function () {'
-                    . '$("#qrcode").qrcode("otpauth://totp/'
-                    . $this->OATHUser->getAccount()
-                    . '?secret=' . $secret. '");'
+					. '$("#qrcode").qrcode("otpauth://totp/'
+					. rawurlencode( $this->OATHUser->getAccount() )
+					. '?secret=' . $secret . '");'
 					. '}'
 				)
 			) )