Work around Facebook not reading the URI RFC
authorTim Düsterhus <duesterhus@woltlab.com>
Mon, 16 Mar 2015 17:07:57 +0000 (18:07 +0100)
committerTim Düsterhus <duesterhus@woltlab.com>
Mon, 16 Mar 2015 17:09:30 +0000 (18:09 +0100)
wcfsetup/install/files/lib/action/FacebookAuthAction.class.php

index 8f66cc87934117001d7f3a31082a9b5b52ee554b..bec9de7e3f28d6271c97796950bc4dbe985bd63b 100644 (file)
@@ -36,6 +36,13 @@ class FacebookAuthAction extends AbstractAction {
                parent::execute();
                
                $callbackURL = LinkHandler::getInstance()->getLink('FacebookAuth');
+
+               // Work around Facebook performing an illegal substitution of the Slash
+               // by '%2F' when entering redirect URI (RFC 3986 sect. 2.2, sect. 3.4)
+               $callbackURL = preg_replace_callback('/(?<=\?).*/', function ($matches) {
+                       return rawurlencode($matches[0]);
+               }, $callbackURL);
+
                // user accepted the connection
                if (isset($_GET['code'])) {
                        try {