From 4b4cd88698f94fd5ab9f039cf3f600611be905d3 Mon Sep 17 00:00:00 2001
From: Evert Prants <evert@lunasqu.ee>
Date: Sat, 10 Sep 2022 12:59:04 +0300
Subject: [PATCH] encode redirect uri

---
 .../static-front-end/login/login.controller.ts       | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/src/modules/static-front-end/login/login.controller.ts b/src/modules/static-front-end/login/login.controller.ts
index 4673daa..d4ff92a 100644
--- a/src/modules/static-front-end/login/login.controller.ts
+++ b/src/modules/static-front-end/login/login.controller.ts
@@ -84,7 +84,7 @@ export class LoginController {
       const encrypted = await this.token.encryptChallenge(challenge);
       res.redirect(
         `login/verify?challenge=${encrypted}${
-          redirectTo ? '&redirectTo=' + redirectTo : ''
+          redirectTo ? '&redirectTo=' + encodeURIComponent(redirectTo) : ''
         }`,
       );
       return;
@@ -114,7 +114,10 @@ export class LoginController {
       });
 
       res.redirect(
-        '/login' + (query.redirectTo ? '?redirectTo=' + query.redirectTo : ''),
+        '/login' +
+          (query.redirectTo
+            ? '?redirectTo=' + encodeURIComponent(query.redirectTo)
+            : ''),
       );
       return;
     }
@@ -156,7 +159,10 @@ export class LoginController {
       });
 
       res.redirect(
-        '/login' + (query.redirectTo ? '?redirectTo=' + query.redirectTo : ''),
+        '/login' +
+          (query.redirectTo
+            ? '?redirectTo=' + encodeURIComponent(query.redirectTo)
+            : ''),
       );
       return;
     }