From 63f8ca8d3fe1e3b52e079e41b29c85d14376f261 Mon Sep 17 00:00:00 2001 From: Matthew Somerville Date: Thu, 21 Jun 2018 10:29:02 +0100 Subject: Use CSV escaping for categories in URLs. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Categories could contain commas, so splitting on comma is not good enough. Let’s escape the fields as if it’s a line in CSV. Fixes #2166. --- perllib/FixMyStreet/App/Controller/Auth.pm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'perllib/FixMyStreet/App/Controller/Auth.pm') diff --git a/perllib/FixMyStreet/App/Controller/Auth.pm b/perllib/FixMyStreet/App/Controller/Auth.pm index 533e6a9be..fa3403f6d 100644 --- a/perllib/FixMyStreet/App/Controller/Auth.pm +++ b/perllib/FixMyStreet/App/Controller/Auth.pm @@ -314,7 +314,7 @@ categories this user has been assigned to. sub redirect_to_categories : Private { my ( $self, $c ) = @_; - my $categories = join(',', @{ $c->user->categories }); + my $categories = $c->user->categories_string; my $body_short = $c->cobrand->short_name( $c->user->from_body ); $c->res->redirect( $c->uri_for( "/reports/" . $body_short, { filter_category => $categories } ) ); -- cgit v1.2.3