libubuntuone

Store URLs not escaped properly when logging in

Bug #863176 reported by Stuart Langridge on 2011-09-30

This bug affects 2 people

	Status	Importance	Assigned to	Milestone
libubuntuone	Status tracked in Trunk
Stable-0-10	New	Undecided	Unassigned
Stable-0-12	New	Undecided	Unassigned
Stable-0-4	New	Undecided	Unassigned
Stable-3-0	Fix Released	High	John Lenton	libubuntuone 2.99.0
Trunk	Fix Released	High	John Lenton
libubuntuone (Ubuntu)	Fix Released	High	Unassigned
Oneiric	Fix Released	High	Unassigned

Bug Description

From http://bazaar.launchpad.net/~ubuntuone-control-tower/libubuntuone/trunk/view/head:/libubuntuone/u1-music-store.c#L1426

u1_music_store_load_store_link (U1MusicStore *music_store, const gchar *url)
{
gchar *real_url, *oauth_consumer_token, *oauth_consumer_secret, *oauth_token, *oauth_token_secret;
g_return_if_fail (U1_IS_MUSIC_STORE (music_store));
g_return_if_fail (url != NULL);
/* If the load_real_store callback is set up, disable it first */
if (music_store->priv->idle_cb > 0) {
  g_source_remove (music_store->priv->idle_cb);
  music_store->priv->idle_cb = 0;
}
real_url = g_strdup_printf ("%s%s?forward_on_to_url=%s",
        music_store->priv->base_url,
        U1_STORE_URL,
        url);

This isn't escaping the forward_on_to_url. What this means is this:

music_store->priv->base_url = https://one.ubuntu.com/
U1_STORE_URL = /music/login
url = http://7dserver/path?q1=a&q2=b

will give the URL

https://one.ubuntu.com/music/login?forward_on_to_url=http://7dserver/path?q1=a&q2=b

which is wrong, because the parameter q2=b is a parameter of the one.ubuntu.com URL, not of the 7dserver URL. The forward_on_to_url needs to be escaped to http%3A//7dserver/path%3Fq1%3Da%26q2%3Db before it is oauth-signed.

To replicate:
1. Run Banshee
2. xdg-open 'u1ms://stores.7digital.com/stores/corporate_2/productDetail.aspx?shop=496&partner=983&pid=595524&sid=17861804'
3. See a "My Music" green non-U1 store error page

What should happen:
3. See an Ubuntu One Music album page (if in the WORLD store territory) or an Ubuntu One Music error page (if not)

See original description

Tags:

Related branches

lp://staging/~chipaca/libubuntuone/fix-863176

Merged into lp://staging/libubuntuone at revision 138

dobey (community): Approve on 2011-09-30

Stuart Langridge (community): Approve on 2011-09-30

lp://staging/ubuntu/oneiric/libubuntuone

Stuart Langridge (sil) on 2011-09-30

description:	updated
description:	updated

dobey (dobey) on 2011-09-30

tags:

added: u1-maverick-sru u1-natty-sru

Revision history for this message

Launchpad Janitor (janitor) wrote on 2011-09-30:

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in libubuntuone (Ubuntu):
status:	New → Confirmed

dobey (dobey) on 2011-09-30

description:

updated

Sebastien Bacher (seb128) on 2011-09-30

Changed in libubuntuone (Ubuntu Oneiric):
status:	Confirmed → Fix Committed
importance:	Undecided → High

Revision history for this message

Launchpad Janitor (janitor) wrote on 2011-09-30:

This bug was fixed in the package libubuntuone - 0.11.0-0ubuntu2

---------------
libubuntuone (0.11.0-0ubuntu2) oneiric; urgency=low

* Backport upstream r138 to fix store urls escaping issues (lp: #863176)
-- Sebastien Bacher <email address hidden> Fri, 30 Sep 2011 21:17:57 +0200

Changed in libubuntuone (Ubuntu Oneiric):
status:	Fix Committed → Fix Released

Adolfo Jayme Barrientos (fitojb) on 2013-05-17

no longer affects:	libubuntuone (Ubuntu Maverick)
no longer affects:	libubuntuone (Ubuntu Natty)

Report a bug

This report contains Public information

Everyone can see this information.

Duplicates of this bug

Bug #863197

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.