https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=22223 Bug ID: 22223 Summary: Item url double-encode when parameter is an encoded URL Change sponsored?: --- Product: Koha Version: master Hardware: All OS: All Status: NEW Severity: normal Priority: P5 - low Component: OPAC Assignee: oleonard@myacpl.org Reporter: dcook@prosentient.com.au QA Contact: testopia@bugs.koha-community.org Target Milestone: --- The following use of the "url" filter is problematic: [% IF Koha.Preference("OPACURLOpenInNewWindow") %] <a target="_blank" rel="noreferrer" href="[% ITEM_RESULT.uri | url %]" property="url">[% ITEM_RESULT.uri | html %]</a> [% ELSE %] <a href="[% ITEM_RESULT.uri | url %]" property="url">[% ITEM_RESULT.uri | html %]</a> [% END %] If ITEM_RESULT.uri is "https://idp.com?redirect_url=https%3A%2F%2Fsomewhere_else.com", then the percent signs in the argument to the "redirect_url" parameters will be encoded incorrectly and the result will be "https://idp.com?redirect_url=https%253A%252F%252Fsomewhere_else.com", which is obviously an invalid URL. Can we really expect that no one will ever include a URL with URI encoded parameters? -- You are receiving this mail because: You are watching all bug changes.