From a6ddda38ae3f5988926204f536910d2c68482387 Mon Sep 17 00:00:00 2001 From: Flashfyre Date: Thu, 18 Apr 2024 20:02:04 -0400 Subject: [PATCH] Properly encode credentials --- src/ui/login-form-ui-handler.ts | 2 +- src/ui/registration-form-ui-handler.ts | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/src/ui/login-form-ui-handler.ts b/src/ui/login-form-ui-handler.ts index c7268019f29..ce6a28b5290 100644 --- a/src/ui/login-form-ui-handler.ts +++ b/src/ui/login-form-ui-handler.ts @@ -62,7 +62,7 @@ export default class LoginFormUiHandler extends FormModalUiHandler { const headers = { 'Content-Type': contentType, }; - fetch(`${Utils.apiUrl}/account/login`, { method: 'POST', headers: headers, body: `username=${this.inputs[0].text}&password=${this.inputs[1].text}` }) + fetch(`${Utils.apiUrl}/account/login`, { method: 'POST', headers: headers, body: `username=${encodeURIComponent(this.inputs[0].text)}&password=${encodeURIComponent(this.inputs[1].text)}` }) .then(response => { if (!response.ok) return response.text(); diff --git a/src/ui/registration-form-ui-handler.ts b/src/ui/registration-form-ui-handler.ts index 93dcf5f5910..d15df22bd85 100644 --- a/src/ui/registration-form-ui-handler.ts +++ b/src/ui/registration-form-ui-handler.ts @@ -77,11 +77,11 @@ export default class RegistrationFormUiHandler extends FormModalUiHandler { const headers = { 'Content-Type': contentType, }; - fetch(`${Utils.apiUrl}/account/register`, { method: 'POST', headers: headers, body: `username=${this.inputs[0].text}&password=${this.inputs[1].text}` }) + fetch(`${Utils.apiUrl}/account/register`, { method: 'POST', headers: headers, body: `username=${encodeURIComponent(this.inputs[0].text)}&password=${encodeURIComponent(this.inputs[1].text)}` }) .then(response => response.text()) .then(response => { if (!response) { - fetch(`${Utils.apiUrl}/account/login`, { method: 'POST', headers: headers, body: `username=${this.inputs[0].text}&password=${this.inputs[1].text}` }) + fetch(`${Utils.apiUrl}/account/login`, { method: 'POST', headers: headers, body: `username=${encodeURIComponent(this.inputs[0].text)}&password=${encodeURIComponent(this.inputs[1].text)}` }) .then(response => { if (!response.ok) return response.text();