From 123da7142ce71b944f1e7ae5d2204da40864634f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Julius=20H=C3=A4rtl?= <jus@bitgrid.net>
Date: Tue, 13 Oct 2020 08:43:27 +0200
Subject: [PATCH] Encode requesttoken for logout url in auto logout
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Julius Härtl <jus@bitgrid.net>
---
 core/src/session-heartbeat.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/core/src/session-heartbeat.js b/core/src/session-heartbeat.js
index 9c9148d2c7..e244eeff7a 100644
--- a/core/src/session-heartbeat.js
+++ b/core/src/session-heartbeat.js
@@ -126,7 +126,7 @@ const registerAutoLogout = () => {
 		const timeout = Date.now() - config.session_lifetime * 1000
 		if (lastActive < timeout) {
 			console.info('Inactivity timout reached, logging out')
-			const logoutUrl = generateUrl('/logout') + '?requesttoken=' + getRequestToken()
+			const logoutUrl = generateUrl('/logout') + '?requesttoken=' + encodeURIComponent(getRequestToken())
 			window.location = logoutUrl
 		}
 	}, 1000)