From 18bcec1feec48ee852dc90289d3d004e869eb994 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?John=20Molakvo=C3=A6=20=28skjnldsv=29?=
Date: Fri, 10 Apr 2020 08:50:15 +0200
Subject: [PATCH] Fix absolute redirect
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: John Molakvoæ (skjnldsv)
---
 core/Controller/LoginController.php | 2 +-
 tests/Core/Controller/LoginControllerTest.php | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/core/Controller/LoginController.php b/core/Controller/LoginController.php
index e9e2f02edb2..5c6d9e76a77 100644
--- a/core/Controller/LoginController.php
+++ b/core/Controller/LoginController.php
@@ -251,7 +251,7 @@ class LoginController extends Controller {
 private function generateRedirect(?string $redirectUrl): RedirectResponse {
 if ($redirectUrl !== null && $this->userSession->isLoggedIn()) {
- $location = $this->urlGenerator->getAbsoluteURL(urldecode($redirectUrl));
+ $location = $this->urlGenerator->getAbsoluteURL($redirectUrl);
 // Deny the redirect if the URL contains a @
 // This prevents unvalidated redirects like ?redirect_url=:user@domain.com
 if (strpos($location, '@') === false) {
diff --git a/tests/Core/Controller/LoginControllerTest.php b/tests/Core/Controller/LoginControllerTest.php
index df1b12b9709..3f9bc5cb9fe 100644
--- a/tests/Core/Controller/LoginControllerTest.php
+++ b/tests/Core/Controller/LoginControllerTest.php
@@ -475,7 +475,7 @@ class LoginControllerTest extends TestCase {
 ->method('getUID')
 ->will($this->returnValue('jane'));
 $password = 'secret';
- $originalUrl = 'another%20url';
+ $originalUrl = 'another url';
 $redirectUrl = 'http://localhost/another url';
 
 $this->request
@@ -517,7 +517,7 @@ class LoginControllerTest extends TestCase {
 $this->request,
 $user,
 $password,
- '%2Fapps%2Fmail'
+ '/apps/mail'
 );
 $loginResult = LoginResult::success($loginData);
 $this->chain->expects($this->once())
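Review bot: The guard two lines below the changed one, `if (strpos($location, '@') === false) {`, is a single-character blocklist, and with `urldecode()` removed it is now the only check between the caller-supplied `$redirectUrl` and the Location header, yet the comment above it still explains only the '@' case and not why decoding was dropped. The test fixtures in this commit suggest the value already arrives decoded once by the request layer (presumably — confirm against the route definition), so I would replace the two comment lines with one that says so: `// $redirectUrl is already decoded by the request layer; decoding it again corrupted targets containing literal %XX sequences, and the check below runs on the final $location.` A more robust mitigation than rejecting '@' would be to compare `parse_url($location, PHP_URL_HOST)` with the instance's own host and redirect only on a match, since a host allowlist does not depend on which characters a blocklist remembers. generateRedirect's body continues past the end of this hunk, so the fallback branch is not visible here.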
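Review bot: Changing the fixture to `$originalUrl = 'another url';` keeps the round-trip case, but no test now pins the regression this commit fixes, namely that a redirect target containing a literal percent sequence reaches getAbsoluteURL unchanged instead of being decoded a second time. Since the urlGenerator mock appears to record the argument passed to getAbsoluteURL, a sibling case with `$originalUrl = 'another%20url';` and `$redirectUrl = 'http://localhost/another%20url';` would make a reintroduction of `urldecode()` fail the suite. The same fixture edit recurs in the hunks at `@@ -517` and `@@ -533` (the `'/apps/mail'` argument) and needs no separate note. The enclosing test method begins before this hunk.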
@@ -533,7 +533,7 @@ class LoginControllerTest extends TestCase {
 ->will($this->returnValue($redirectUrl));
 $expected = new \OCP\AppFramework\Http\RedirectResponse($redirectUrl);
- $response = $this->loginController->tryLogin($user, $password, '%2Fapps%2Fmail');
+ $response = $this->loginController->tryLogin($user, $password, '/apps/mail');
 $this->assertEquals($expected, $response);
 }