fix #5486: tools: encode_text: add '%' to list of encoded characters

all text that is going through encode_text will at a later point be decoded by 'decode_text'. The latter is decoding all percent encoded characters, even those not originally encoded by 'encode_text'. This means, to preserve the original data, we first have to at least percent encode the '%' itself, otherwise it's impossible to properly store e.g. '%20' there. It would get saved as '%20' directly, but on the next read, it gets decoded to ' ', which is not the original data. instead we have to save it as '%2520', which gets then correctly decoded to '%20' again This is especially important for the vm/ct/node description, as there users can store external links, which already include percent encoded characters. Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
2025-07-14 03:58:25 +00:00 · 2024-05-28 13:10:02 +02:00 · 2024-05-28 13:10:02 +02:00 · 06f436f126
commit 06f436f126
parent 6cba8d7660
1 changed files with 2 additions and 2 deletions
--- a/src/PVE/Tools.pm
+++ b/src/PVE/Tools.pm
@ -1246,8 +1246,8 @@ sub upid_normalize_status_type {
 sub encode_text {
    my ($text) = @_;

-    # all control and hi-bit characters, and ':'
-    my $unsafe = "^\x20-\x39\x3b-\x7e";
+    # all control and hi-bit characters, ':' and '%'
+    my $unsafe = "^\x20-\x24\x26-\x39\x3b-\x7e";
    return uri_escape(Encode::encode("utf8", $text), $unsafe);
 }