ovpnmain.cgi: URI encode OTPAuth String in QRCode

Signed-off-by: Timo Eissler <timo.eissler@ipfire.org>

diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi
index 83ab27c9396faa0969e56f2911182634ab6a1673..5057bd64bdfdb21922d2a4b6ef9d6d710fa56b52 100644 (file)
--- a/html/cgi-bin/ovpnmain.cgi
+++ b/html/cgi-bin/ovpnmain.cgi
@@ -26,6 +26,7 @@ use CGI qw/:standard/;
 use Imager::QRCode;
 use MIME::Base32;
 use MIME::Base64;
+use URI::Encode qw(uri_encode uri_decode);;
 use Net::DNS;
 use Net::Ping;
 use Net::Telnet;
@@ -2654,9 +2655,9 @@ else
       lightcolor    => Imager::Color->new(255, 255, 255),
       darkcolor     => Imager::Color->new(0, 0, 0),
    );
-   my $cn = $confighash{$cgiparams{'KEY'}}[2];
+   my $cn = uri_encode($confighash{$cgiparams{'KEY'}}[2]);
    my $secret = encode_base32(pack('H*', $confighash{$cgiparams{'KEY'}}[44]));
-   my $issuer = "$mainsettings{'HOSTNAME'}.$mainsettings{'DOMAINNAME'}";
+   my $issuer = uri_encode("$mainsettings{'HOSTNAME'}.$mainsettings{'DOMAINNAME'}");
    my $qrcodeimg = $qrcode->plot("otpauth://totp/$cn?secret=$secret&issuer=$issuer");
    my $qrcodeimgdata;
    $qrcodeimg->write(data => \$qrcodeimgdata, type=> 'png')