Encode the `returnUrl` if it start with `/connect/authorize?`.

1 year ago · a8d671fa05
parent a3c2b1652e
commit a8d671fa05
1 changed files with 5 additions and 0 deletions
--- a/modules/account/src/Volo.Abp.Account.Application/Volo/Abp/Account/Emailing/AccountEmailer.cs
+++ b/modules/account/src/Volo.Abp.Account.Application/Volo/Abp/Account/Emailing/AccountEmailer.cs
@ -101,6 +101,11 @@ public class AccountEmailer : IAccountEmailer, ITransientDependency
            }
        }

+        if (returnUrl.StartsWith("/connect/authorize?", StringComparison.OrdinalIgnoreCase))
+        {
+            return HttpUtility.UrlEncode(returnUrl);
+        }
+
        return returnUrl;
    }
 }