Closed vroetman closed 1 year ago
QueryEscape the URL of the original URL in the query parameter because if it contains a "&" character, it will be parsed as another query parameter, losing part of the query when redirecting back to the original URL.
For example (the query patterned from a google search), https://app1.example.com/path/to/something?q=query+strings&source=hp&ei=IKG0Cg&sclient=gws-wiz would redirect back to https://app1.example.com/path/to/something?q=query+strings
Applying QueryEscape to the URL before appending it to the state query parameter solves this problem.
QueryEscape the URL of the original URL in the query parameter because if it contains a "&" character, it will be parsed as another query parameter, losing part of the query when redirecting back to the original URL.
For example (the query patterned from a google search), https://app1.example.com/path/to/something?q=query+strings&source=hp&ei=IKG0Cg&sclient=gws-wiz would redirect back to https://app1.example.com/path/to/something?q=query+strings
Applying QueryEscape to the URL before appending it to the state query parameter solves this problem.