[pve-devel] [PATCH pve-common] Fix 3560: gui/notes: escape % symbol when encoding
Dylan Whyte
d.whyte at proxmox.com
Fri Aug 6 15:22:24 CEST 2021
This prevents cases in which a string containing a percent character is
inadvertently utf-8 decoded before being displayed in notes.
Signed-off-by: Dylan Whyte <d.whyte at proxmox.com>
---
src/PVE/Tools.pm | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/PVE/Tools.pm b/src/PVE/Tools.pm
index 807bc03..b8d6dc9 100644
--- a/src/PVE/Tools.pm
+++ b/src/PVE/Tools.pm
@@ -1200,8 +1200,8 @@ sub upid_normalize_status_type {
sub encode_text {
my ($text) = @_;
- # all control and hi-bit characters, and ':'
- my $unsafe = "^\x20-\x39\x3b-\x7e";
+ # all control and hi-bit characters, ':', and '%'
+ my $unsafe = "\x00-\x1f\x25\x3a\x7f-\xff";
return uri_escape(Encode::encode("utf8", $text), $unsafe);
}
--
2.30.2
More information about the pve-devel
mailing list