diff --git a/meshcentral.js b/meshcentral.js index 046d6e8c..e7bd08b5 100644 --- a/meshcentral.js +++ b/meshcentral.js @@ -3575,7 +3575,7 @@ function CreateMeshCentralServer(config, args) { try { const iv = Buffer.from(obj.crypto.randomBytes(12), 'binary'), cipher = obj.crypto.createCipheriv('aes-256-gcm', key.slice(0, 32), iv); const crypted = Buffer.concat([cipher.update(JSON.stringify(data), 'utf8'), cipher.final()]); - return Buffer.concat([iv, cipher.getAuthTag(), crypted]).toString(obj.args.cookieencoding ? obj.args.cookieencoding : 'base64'); + return Buffer.concat([iv, cipher.getAuthTag(), crypted]).toString(obj.args.cookieencoding ? obj.args.cookieencoding : 'base64').replace(/\+/g, '@').replace(/\//g, '$'); } catch (ex) { return null; } } @@ -3584,7 +3584,7 @@ function CreateMeshCentralServer(config, args) { if ((typeof data != 'string') || (data.length < 13)) return {}; if (key == null) { key = obj.loginCookieEncryptionKey; } try { - const buf = Buffer.from(data, 'base64'); + const buf = Buffer.from(data.replace(/\@/g, '+').replace(/\$/g, '/'), obj.args.cookieencoding ? obj.args.cookieencoding : 'base64'); const decipher = obj.crypto.createDecipheriv('aes-256-gcm', key.slice(0, 32), buf.slice(0, 12)); decipher.setAuthTag(buf.slice(12, 28)); return JSON.parse(decipher.update(buf.slice(28), 'binary', 'utf8') + decipher.final('utf8'));