From 3bf4db99608117d6e5994352d3cd9bfbd0246880 Mon Sep 17 00:00:00 2001 From: James Brechtel Date: Sat, 5 Jan 2019 14:28:28 -0500 Subject: [PATCH] [fix] Wallabag - Use JSON.encode to encode auth JSON (#4449) Previously the plugin was creating JSON by hand for authentication requests. This would cause invalid JSON to be sent when the password contained characters that need to be escaped (e.g. "). Using JSON.encode will result in values being properly escaped when necessary. --- plugins/wallabag.koplugin/main.lua | 20 +++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/plugins/wallabag.koplugin/main.lua b/plugins/wallabag.koplugin/main.lua index 69247cbff..e4783c8c1 100644 --- a/plugins/wallabag.koplugin/main.lua +++ b/plugins/wallabag.koplugin/main.lua @@ -261,20 +261,22 @@ function Wallabag:getBearerToken() local login_url = "/oauth/v2/token" - local body = string.format( [[{ -"grant_type": "password", -"client_id": "%s", -"client_secret": "%s", -"username": "%s", -"password": "%s" -}]], self.client_id, self.client_secret, self.username, self.password ) + local body = { + grant_type = "password", + client_id = self.client_id, + client_secret = self.client_secret, + username = self.username, + password = self.password + } + + local bodyJSON = JSON.encode(body) local headers = { ["Content-type"] = "application/json", ["Accept"] = "application/json, */*", - ["Content-Length"] = tostring(#body), + ["Content-Length"] = tostring(#bodyJSON), } - local result = self:callAPI( "POST", login_url, headers, body, "" ) + local result = self:callAPI( "POST", login_url, headers, bodyJSON, "" ) if result then self.access_token = result.access_token