From 123da7142ce71b944f1e7ae5d2204da40864634f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julius=20H=C3=A4rtl?= Date: Tue, 13 Oct 2020 08:43:27 +0200 Subject: [PATCH] Encode requesttoken for logout url in auto logout MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Julius Härtl --- core/src/session-heartbeat.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/core/src/session-heartbeat.js b/core/src/session-heartbeat.js index 9c9148d2c7..e244eeff7a 100644 --- a/core/src/session-heartbeat.js +++ b/core/src/session-heartbeat.js @@ -126,7 +126,7 @@ const registerAutoLogout = () => { const timeout = Date.now() - config.session_lifetime * 1000 if (lastActive < timeout) { console.info('Inactivity timout reached, logging out') - const logoutUrl = generateUrl('/logout') + '?requesttoken=' + getRequestToken() + const logoutUrl = generateUrl('/logout') + '?requesttoken=' + encodeURIComponent(getRequestToken()) window.location = logoutUrl } }, 1000)