From 63f8ca8d3fe1e3b52e079e41b29c85d14376f261 Mon Sep 17 00:00:00 2001
From: Matthew Somerville <matthew-github@dracos.co.uk>
Date: Thu, 21 Jun 2018 10:29:02 +0100
Subject: Use CSV escaping for categories in URLs.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Categories could contain commas, so splitting on comma is not good enough.
Let’s escape the fields as if it’s a line in CSV. Fixes #2166.
---
 perllib/FixMyStreet/App/Controller/Auth.pm | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'perllib/FixMyStreet/App/Controller/Auth.pm')

diff --git a/perllib/FixMyStreet/App/Controller/Auth.pm b/perllib/FixMyStreet/App/Controller/Auth.pm
index 533e6a9be..fa3403f6d 100644
--- a/perllib/FixMyStreet/App/Controller/Auth.pm
+++ b/perllib/FixMyStreet/App/Controller/Auth.pm
@@ -314,7 +314,7 @@ categories this user has been assigned to.
 sub redirect_to_categories : Private {
     my ( $self, $c ) = @_;
 
-    my $categories = join(',', @{ $c->user->categories });
+    my $categories = $c->user->categories_string;
     my $body_short = $c->cobrand->short_name( $c->user->from_body );
 
     $c->res->redirect( $c->uri_for( "/reports/" . $body_short, { filter_category => $categories } ) );
-- 
cgit v1.2.3