HTTP Escape placeholders in callbacks

nicolas.dorier 2020-08-04 14:05:36 +09:00
parent 7f29769352
commit f2a005eeac
No known key found for this signature in database
GPG Key ID: 6618763EF09186FE


@ -8,6 +8,7 @@ using BTCPayServer.JsonConverters;
using BTCPayServer.Models;
using BTCPayServer.Payments;
using BTCPayServer.Payments.Bitcoin;
using Microsoft.AspNetCore.Http.Extensions;
using NBitcoin;
using NBitcoin.DataEncoders;
using NBitpayClient;
@ -299,8 +300,8 @@ namespace BTCPayServer.Services.Invoices
private Uri FillPlaceholdersUri(string v)
{
var uriStr = (v ?? string.Empty).Replace("{OrderId}", OrderId ?? "", StringComparison.OrdinalIgnoreCase)
.Replace("{InvoiceId}", Id ?? "", StringComparison.OrdinalIgnoreCase);
var uriStr = (v ?? string.Empty).Replace("{OrderId}", System.Web.HttpUtility.UrlEncode(OrderId) ?? "", StringComparison.OrdinalIgnoreCase)
.Replace("{InvoiceId}", System.Web.HttpUtility.UrlEncode(Id) ?? "", StringComparison.OrdinalIgnoreCase);
if (Uri.TryCreate(uriStr, UriKind.Absolute, out var uri) && (uri.Scheme == "http" || uri.Scheme == "https"))
return uri;
return null;
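Review bot: `System.Web.HttpUtility.UrlEncode` in the two new `Replace` calls is form encoding, so a space in `OrderId` becomes `+`, which is only read back as a space inside a query string; if a template places `{OrderId}` in the path, the receiver sees a literal plus sign. `Uri.EscapeDataString` emits `%20` and is correct in both positions, e.g. `.Replace("{OrderId}", Uri.EscapeDataString(OrderId ?? ""), StringComparison.OrdinalIgnoreCase)` and likewise for `Id` (the `?? ""` moves inside the call because `EscapeDataString` throws on null). A short comment above the assignment, such as `// Escape substituted values so they cannot add path segments or query parameters to the callback URL`, would record why the values are encoded. The `using Microsoft.AspNetCore.Http.Extensions;` line that appears to be the addition in the first hunk looks unused by the visible change, since the call is fully qualified. The closing brace of `FillPlaceholdersUri` is outside the hunk.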