json query for users/groups is not properly escaped - Githubissues

gyselroth / balloon-client-web

balloon web user interface

GNU General Public License v3.0

2 stars 5 forks source link

json query for users/groups is not properly escaped #260

Closed raffis closed 5 years ago

raffis commented 5 years ago

Describe the bug

Invalid json provided while searching for user/groups with an & character.

To Reproduce

Search for test&test in share resources (user/groups)
Server api exception: invalid json provided

request: api/v2/users?{%22query%22:{%22username%22:%22test&test%22}} & should be escaped.

Expected behavior

Instead ?json used ?query=json.
Properly urlencode query

Environment

web-client version: v3.2.6
balloon server version: [e.g. v2.4.2]
Deployed as: [e.g. docker,deb package,tar,compiled manually]
client os: [e.g. Linux Mint 19.2]
browser: [e.g. Firefox 62]

Additional context

Add any other context about the problem here.

rootinier commented 5 years ago

fixed by 527ee75a6ecf883dc99e6b1d81a303cad25180fb