Don't double encode tgt

2023-04-05 20:23:32 +02:00 · 2023-04-05 20:23:32 +02:00 · 5ff4726f43
parent 8c92bce3d9
commit 5ff4726f43
1 changed files with 1 additions and 2 deletions
--- a/Controllers/RedirectController.cs
+++ b/Controllers/RedirectController.cs
@ -19,9 +19,8 @@ public class RedirectController : Controller {
 			return BadRequest("Bad request.");
 		}

-		// tgt is urlencoded twice because authelia decodes it by one layer 
 		var targetUrl =
-			$"https://{Vars.AuthProxySubdomain}.{dstDomain}/api/cookieproxy_stage_one?tgt={HttpUtility.UrlEncode(HttpUtility.UrlEncode(tgt))}";
+			$"https://{Vars.AuthProxySubdomain}.{dstDomain}/api/cookieproxy_stage_one?tgt={HttpUtility.UrlEncode(tgt)}";
 		Response.Redirect(targetUrl);
 		return Content($"Redirecting... <a href=\"{targetUrl}\">Click here if you are not redirected automatically</a>", "text/html");
 	}