@@ -383,7 +383,7 @@ async function getWopiFileUrl(ctx, fileInfo, userAuth) {
383383 } else if ( fileInfo ?. TemplateSource ) {
384384 url = fileInfo . TemplateSource ;
385385 } else if ( userAuth ) {
386- url = `${ userAuth . wopiSrc } /contents?access_token=${ userAuth . access_token } ` ;
386+ url = `${ userAuth . wopiSrc } /contents?access_token=${ encodeURIComponent ( userAuth . access_token ) } ` ;
387387 await fillStandardHeaders ( ctx , headers , url , userAuth . access_token ) ;
388388 }
389389 ctx . logger . debug ( 'getWopiFileUrl url=%s; headers=%j' , url , headers ) ;
@@ -740,7 +740,7 @@ function putFile(ctx, wopiParams, data, dataStream, dataSize, userLastChangeId,
740740 }
741741 let fileInfo = wopiParams . commonInfo . fileInfo ;
742742 let userAuth = wopiParams . userAuth ;
743- let uri = `${ userAuth . wopiSrc } /contents?access_token=${ userAuth . access_token } ` ;
743+ let uri = `${ userAuth . wopiSrc } /contents?access_token=${ encodeURIComponent ( userAuth . access_token ) } ` ;
744744 let filterStatus = yield checkIpFilter ( ctx , uri ) ;
745745 if ( 0 !== filterStatus ) {
746746 return postRes ;
@@ -785,7 +785,7 @@ function putRelativeFile(ctx, wopiSrc, access_token, data, dataStream, dataSize,
785785 ctx . logger . info ( 'wopi putRelativeFile start' ) ;
786786 const tenCallbackRequestTimeout = ctx . getCfg ( 'services.CoAuthoring.server.callbackRequestTimeout' , cfgCallbackRequestTimeout ) ;
787787
788- let uri = `${ wopiSrc } ?access_token=${ access_token } ` ;
788+ let uri = `${ wopiSrc } ?access_token=${ encodeURIComponent ( access_token ) } ` ;
789789 let filterStatus = yield checkIpFilter ( ctx , uri ) ;
790790 if ( 0 !== filterStatus ) {
791791 return res ;
@@ -825,7 +825,7 @@ function renameFile(ctx, wopiParams, name) {
825825 }
826826 let fileInfo = wopiParams . commonInfo . fileInfo ;
827827 let userAuth = wopiParams . userAuth ;
828- let uri = `${ userAuth . wopiSrc } ?access_token=${ userAuth . access_token } ` ;
828+ let uri = `${ userAuth . wopiSrc } ?access_token=${ encodeURIComponent ( userAuth . access_token ) } ` ;
829829 let filterStatus = yield checkIpFilter ( ctx , uri ) ;
830830 if ( 0 !== filterStatus ) {
831831 return res ;
@@ -909,7 +909,7 @@ function checkFileInfo(ctx, wopiSrc, access_token, opt_sc) {
909909 ctx . logger . info ( 'wopi checkFileInfo start' ) ;
910910 const tenDownloadTimeout = ctx . getCfg ( 'FileConverter.converter.downloadTimeout' , cfgDownloadTimeout ) ;
911911
912- let uri = `${ encodeURI ( wopiSrc ) } ?access_token=${ encodeURIComponent ( access_token ) } ` ;
912+ let uri = `${ wopiSrc } ?access_token=${ encodeURIComponent ( access_token ) } ` ;
913913 let filterStatus = yield checkIpFilter ( ctx , uri ) ;
914914 if ( 0 !== filterStatus ) {
915915 return fileInfo ;
@@ -946,7 +946,7 @@ function lock(ctx, command, lockId, fileInfo, userAuth) {
946946 }
947947 let wopiSrc = userAuth . wopiSrc ;
948948 let access_token = userAuth . access_token ;
949- let uri = `${ wopiSrc } ?access_token=${ access_token } ` ;
949+ let uri = `${ wopiSrc } ?access_token=${ encodeURIComponent ( access_token ) } ` ;
950950 let filterStatus = yield checkIpFilter ( ctx , uri ) ;
951951 if ( 0 !== filterStatus ) {
952952 return false ;
@@ -985,7 +985,7 @@ async function unlock(ctx, wopiParams) {
985985 let wopiSrc = wopiParams . userAuth . wopiSrc ;
986986 let lockId = wopiParams . commonInfo . lockId ;
987987 let access_token = wopiParams . userAuth . access_token ;
988- let uri = `${ wopiSrc } ?access_token=${ access_token } ` ;
988+ let uri = `${ wopiSrc } ?access_token=${ encodeURIComponent ( access_token ) } ` ;
989989 let filterStatus = await checkIpFilter ( ctx , uri ) ;
990990 if ( 0 !== filterStatus ) {
991991 return ;
0 commit comments