Add URL encoding to TOTP QR code URL

Add RFC 3986 URI encoding to the account label in accordance with the
Google Authenticator specification to ensure the QR code is properly
generated for usernames with special characters in them.

Bug: T136269
Change-Id: I18175c9a3c9a45346fa7a227a5209194385c6696
This commit is contained in:
Tyler Romeo 2016-05-26 12:17:00 -04:00
parent 079877734c
commit 7b8a68fd5a
No known key found for this signature in database
GPG key ID: 405D34A7C86B42DF

View file

@ -82,9 +82,9 @@ class SpecialOATHEnable extends FormSpecialPage {
array( 'ext.oathauth' ),
new XmlJsCode(
'function () {'
. '$("#qrcode").qrcode("otpauth://totp/'
. $this->OATHUser->getAccount()
. '?secret=' . $secret. '");'
. '$("#qrcode").qrcode("otpauth://totp/'
. rawurlencode( $this->OATHUser->getAccount() )
. '?secret=' . $secret . '");'
. '}'
)
) )