Ensure all is escaped properly

2020-01-22 18:26:34 +01:00 · 2020-01-22 18:26:34 +01:00 · 0e55f81879
parent cbf418c401
commit 0e55f81879
1 changed files with 7 additions and 7 deletions
--- a/matrix-sdk-android/src/main/java/im/vector/matrix/android/internal/crypto/verification/qrcode/Extensions.kt
+++ b/matrix-sdk-android/src/main/java/im/vector/matrix/android/internal/crypto/verification/qrcode/Extensions.kt
@ -36,10 +36,12 @@ fun QrCodeData.toUrl(): String {
        append("?request=")
        append(PermalinkFactory.escape(requestEventId))
        append("&action=")
-        append(action)
+        append(PermalinkFactory.escape(action))

        for ((keyId, key) in keys) {
-            append("&key_$keyId=")
+            append("&key_")
+            append(PermalinkFactory.escape(keyId))
+            append("=")
            append(PermalinkFactory.escape(key))
        }

@ -80,14 +82,12 @@ fun String.toQrCodeData(): QrCodeData? {
            .filter { it.isNotEmpty() }

    val keyValues = urlParams.map {
-        (it.substringBefore("=") to it.substringAfter("="))
+        (it.substringBefore("=") to it.substringAfter("=").let { value -> PermalinkFactory.unescape(value) })
    }.toMap()

    val action = keyValues["action"] ?: return null

-    val requestId = keyValues["request"]
-            ?.let { PermalinkFactory.unescape(it) }
-            ?.takeIf { MatrixPatterns.isEventId(it) } ?: return null
+    val requestEventId = keyValues["request"]?.takeIf { MatrixPatterns.isEventId(it) } ?: return null
    val sharedSecret = keyValues["secret"] ?: return null
    val otherUserKey = keyValues["other_user_key"] ?: return null

@ -100,7 +100,7 @@ fun String.toQrCodeData(): QrCodeData? {

    return QrCodeData(
            userId,
-            requestId,
+            requestEventId,
            action,
            keys,
            sharedSecret,