[Koha-bugs] [Bug 23526] New: Shibboleth login url with query has double encoded '?' %3F
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Fri Aug 30 19:16:06 CEST 2019
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=23526
Bug ID: 23526
Summary: Shibboleth login url with query has double encoded '?'
%3F
Change sponsored?: ---
Product: Koha
Version: master
Hardware: All
OS: All
Status: NEW
Severity: major
Priority: P5 - low
Component: Authentication
Assignee: koha-bugs at lists.koha-community.org
Reporter: nick at bywatersolutions.com
QA Contact: testopia at bugs.koha-community.org
CC: dpavlin at rot13.org
In login_shib_url we place an encoded '?' into the login url:
65 if ( $query->query_string() ) {
66 $param = $param . '%3F' . $query->query_string();
67 }
Then in the templates we filter that using the URL filter:
<p>If you have a Shibboleth account, please <a href="[% shibbolethLoginUrl |
url %]">click here to login</a>.</p>
The URL filter turns the % into %25 and the string comes out as
https://anykoha.bywatersolutions.com/Shibboleth.sso/Login?target=https://anykoha.bywatersolutions.com/cgi-bin/koha/opac-search.pl%253Fq=cats
This returns a 4040 on successful login
--
You are receiving this mail because:
You are watching all bug changes.
You are the assignee for the bug.
More information about the Koha-bugs
mailing list