aljaz/btcpayserver
1
0
Fork 0
mirror of https://github.com/aljazceru/btcpayserver.git synced 2026-02-20 13:44:30 +01:00
Code Issues Packages Projects Releases Wiki Activity

HTTP Escape placeholders in callbacks

Browse Source
This commit is contained in:
nicolas.dorier
2020-08-04 14:05:36 +09:00
parent 7f29769352
commit f2a005eeac
1 changed files with 3 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
BTCPayServer/Services/Invoices/InvoiceEntity.cs
View File

@@ -8,6 +8,7 @@ using BTCPayServer.JsonConverters;
using BTCPayServer.Models;
using BTCPayServer.Payments;
using BTCPayServer.Payments.Bitcoin;
using Microsoft.AspNetCore.Http.Extensions;
using NBitcoin;
using NBitcoin.DataEncoders;
using NBitpayClient;
@@ -299,8 +300,8 @@ namespace BTCPayServer.Services.Invoices
private Uri FillPlaceholdersUri(string v)
{
var uriStr = (v ?? string.Empty).Replace("{OrderId}", OrderId ?? "", StringComparison.OrdinalIgnoreCase)
.Replace("{InvoiceId}", Id ?? "", StringComparison.OrdinalIgnoreCase);
var uriStr = (v ?? string.Empty).Replace("{OrderId}", System.Web.HttpUtility.UrlEncode(OrderId) ?? "", StringComparison.OrdinalIgnoreCase)
.Replace("{InvoiceId}", System.Web.HttpUtility.UrlEncode(Id) ?? "", StringComparison.OrdinalIgnoreCase);
if (Uri.TryCreate(uriStr, UriKind.Absolute, out var uri) && (uri.Scheme == "http" || uri.Scheme == "https"))
return uri;
return null;