Encode site domain when redirecting a shared link

Fixes #376
This commit is contained in:
Uku Taht 2020-12-22 17:37:05 +02:00
parent 31ed9c017c
commit 49c4ec2e9c
2 changed files with 9 additions and 1 deletions

View File

@ -109,7 +109,7 @@ defmodule PlausibleWeb.StatsController do
|> put_session(shared_link_key, %{
valid_until: Timex.now() |> Timex.shift(hours: 1) |> DateTime.to_unix()
})
|> redirect(to: "/#{shared_link.site.domain}")
|> redirect(to: "/#{URI.encode_www_form(shared_link.site.domain)}")
end
defp remove_email_report_banner(conn, site) do

View File

@ -73,6 +73,14 @@ defmodule PlausibleWeb.StatsControllerTest do
conn = get(conn, "/#{site.domain}")
assert html_response(conn, 200) =~ "stats-react-container"
end
test "encodes URI when redirecting", %{conn: conn} do
site = insert(:site, domain: "test-site.com/wat")
link = insert(:shared_link, site: site)
conn = get(conn, "/share/#{link.slug}")
assert redirected_to(conn, 302) == "/test-site.com%2Fwat"
end
end
describe "POST /share/:slug/authenticate" do