aboutsummaryrefslogtreecommitdiffstats
path: root/Zotlabs
diff options
context:
space:
mode:
Diffstat (limited to 'Zotlabs')
-rw-r--r--Zotlabs/Module/Magic.php9
1 files changed, 8 insertions, 1 deletions
diff --git a/Zotlabs/Module/Magic.php b/Zotlabs/Module/Magic.php
index 4b3a223ba..25c318f30 100644
--- a/Zotlabs/Module/Magic.php
+++ b/Zotlabs/Module/Magic.php
@@ -19,7 +19,11 @@ class Magic extends \Zotlabs\Web\Controller {
$rev = ((x($_REQUEST,'rev')) ? intval($_REQUEST['rev']) : 0);
$owa = ((x($_REQUEST,'owa')) ? intval($_REQUEST['owa']) : 0);
$delegate = ((x($_REQUEST,'delegate')) ? $_REQUEST['delegate'] : '');
-
+
+ // Apache(?) appears to perform an htmlentities() operation on this variable
+
+ $dest = html_entity_decode($dest);
+
$parsed = parse_url($dest);
if(! $parsed) {
if($test) {
@@ -139,6 +143,9 @@ class Magic extends \Zotlabs\Web\Controller {
if($owa) {
+ $dest = strip_zids($dest);
+ $dest = strip_query_param($dest,'f');
+
$headers = [];
$headers['Accept'] = 'application/x-zot+json' ;
$headers['X-Open-Web-Auth'] = random_string();
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-11 23:31:56 +0000