Encode Requesttoken for avatars
Fixes new avatar selection in master half, other half will work when https://github.com/owncloud/core/pull/14266 has get merged. Shocking to see how much places in our code do it wrong 🔫
This commit is contained in:
parent
8e6a7350f9
commit
0ea6de2f8c
|
@ -110,7 +110,7 @@ function showAvatarCropper () {
|
|||
var $cropperImage = $('#cropper img');
|
||||
|
||||
$cropperImage.attr('src',
|
||||
OC.generateUrl('/avatar/tmp') + '?requesttoken=' + oc_requesttoken + '#' + Math.floor(Math.random() * 1000));
|
||||
OC.generateUrl('/avatar/tmp') + '?requesttoken=' + encodeURIComponent(oc_requesttoken) + '#' + Math.floor(Math.random() * 1000));
|
||||
|
||||
// Looks weird, but on('load', ...) doesn't work in IE8
|
||||
$cropperImage.ready(function () {
|
||||
|
@ -311,7 +311,7 @@ $(document).ready(function () {
|
|||
var url = OC.generateUrl(
|
||||
'/avatar/{user}/{size}',
|
||||
{user: OC.currentUser, size: 1}
|
||||
) + '?requesttoken=' + oc_requesttoken;
|
||||
) + '?requesttoken=' + encodeURIComponent(oc_requesttoken);
|
||||
$.get(url, function (result) {
|
||||
if (typeof(result) === 'object') {
|
||||
$('#removeavatar').hide();
|
||||
|
|
Loading…
Reference in New Issue