Mirrors
/
aredn
mirror of https://github.com/aredn/aredn.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Correctly escape characters in the mailto: urls (#1099)

This commit is contained in:
Tim Wilkinson 2024-02-19 17:33:41 -08:00 committed by GitHub
parent e76c21de2d
commit d1777c016d
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
files/usr/lib/lua/aredn/http.lua
View File

@ -94,3 +94,6 @@ function parsecgi(str)
end
-- Written by RiciLake -- END
function encode_uri_component(str)
return str:gsub(" ", "%%20"):gsub("%+", "%%2B"):gsub("=", "%%3D")
end

2
files/www/cgi-bin/vpn
View File

@ -753,7 +753,7 @@ do
html.print("<td rowspan='2' class='tun_client_center_item'><input type=submit name=wgclient_add value=Add title='Add this client'></td>")
else
html.print("<td rowspan='2' class='tun_client_center_item tun_client_mailto' id=wgclient" .. val .. "_email>")
html.print("<a href='mailto:?subject=AREDN%20Tunnel%20Connection&body=Your%20connection%20details:%0D%0AName:%20" .. name .. "%0D%0APassword:%20" .. (server_pub .. client_priv .. client_pub) .. "%0D%0ANetwork:%20" .. fullnet .. "%0D%0AServer%20address:%20" .. dns .. "' target='_blank'>")
html.print("<a href='mailto:?subject=AREDN%20Tunnel%20Connection&body=Your%20connection%20details:%0D%0AName:%20" ..encode_uri_component(name) .. "%0D%0APassword:%20" .. encode_uri_component(server_pub .. client_priv .. client_pub) .. "%0D%0ANetwork:%20" .. encode_uri_component(fullnet) .. "%0D%0AServer%20address:%20" .. encode_uri_component(dns) .. "' target='_blank'>")
html.print("<img class='tun_client_mailto_img' src='/email.png' title='Email details' /></a></td>")
end
html.print("</tr><tr class='tun_client_list1 tun_client_row tun_loading_css_comment'><td colspan='2' align='right'>Contact Info/Comment (Optional): <input type=text maxlength='50' size=40 name=wgclient" .. val .. "_contact value='" .. (contact or "") .."'")