From e3de4edc51b5a7444f99f4b4ca5ce9f70b3b3e8c Mon Sep 17 00:00:00 2001
From: Roeland Jago Douma <roeland@famdouma.nl>
Date: Wed, 23 Jan 2019 16:16:31 +0100
Subject: [PATCH] Urlencode the requesttoken

Followup of #13757

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
---
 lib/private/legacy/user.php         | 2 +-
 tests/lib/NavigationManagerTest.php | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/lib/private/legacy/user.php b/lib/private/legacy/user.php
index ab87c484db..3d4dc5cc98 100644
--- a/lib/private/legacy/user.php
+++ b/lib/private/legacy/user.php
@@ -270,7 +270,7 @@ class OC_User {
 		}
 
 		$logoutUrl = $urlGenerator->linkToRouteAbsolute('core.login.logout');
-		$logoutUrl .= '?requesttoken=' . \OCP\Util::callRegister();
+		$logoutUrl .= '?requesttoken=' . urlencode(\OCP\Util::callRegister());
 
 		return $logoutUrl;
 	}
diff --git a/tests/lib/NavigationManagerTest.php b/tests/lib/NavigationManagerTest.php
index 6649aba28b..f552bd2eee 100644
--- a/tests/lib/NavigationManagerTest.php
+++ b/tests/lib/NavigationManagerTest.php
@@ -270,7 +270,7 @@ class NavigationManagerTest extends TestCase {
 			'logout' => [
 				'id'      => 'logout',
 				'order'   => 99999,
-				'href'    => 'https://example.com/logout?requesttoken='. \OCP\Util::callRegister(),
+				'href'    => 'https://example.com/logout?requesttoken='. urlencode(\OCP\Util::callRegister()),
 				'icon'    => '/apps/core/img/actions/logout.svg',
 				'name'    => 'Log out',
 				'active'  => false,