From 06f436f126869f84b03f263ede79409b7e6a00d5 Mon Sep 17 00:00:00 2001 From: Dominik Csapak Date: Tue, 28 May 2024 13:10:02 +0200 Subject: [PATCH] fix #5486: tools: encode_text: add '%' to list of encoded characters all text that is going through encode_text will at a later point be decoded by 'decode_text'. The latter is decoding all percent encoded characters, even those not originally encoded by 'encode_text'. This means, to preserve the original data, we first have to at least percent encode the '%' itself, otherwise it's impossible to properly store e.g. '%20' there. It would get saved as '%20' directly, but on the next read, it gets decoded to ' ', which is not the original data. instead we have to save it as '%2520', which gets then correctly decoded to '%20' again This is especially important for the vm/ct/node description, as there users can store external links, which already include percent encoded characters. Signed-off-by: Dominik Csapak --- src/PVE/Tools.pm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/PVE/Tools.pm b/src/PVE/Tools.pm index c2906de..bd305bd 100644 --- a/src/PVE/Tools.pm +++ b/src/PVE/Tools.pm @@ -1246,8 +1246,8 @@ sub upid_normalize_status_type { sub encode_text { my ($text) = @_; - # all control and hi-bit characters, and ':' - my $unsafe = "^\x20-\x39\x3b-\x7e"; + # all control and hi-bit characters, ':' and '%' + my $unsafe = "^\x20-\x24\x26-\x39\x3b-\x7e"; return uri_escape(Encode::encode("utf8", $text), $unsafe); }