Try our conversational search powered by Generative AI!

AI OnAI Off

Admin UI /Users/GetUser?userName=value is not url encoded

Drew Douglas
Drew Douglas
Vote:
 

Duplicate of

https://world.optimizely.com/forum/developer-forum/cms-12/thread-container/2022/3/admin-ui-bug-user-detail-404-in-cms-admin-when-username-contains-plus-character-/

Clicking on a user name with a "+" in it in the Admin UI results in an empty Edit Detail page for the user.

The problem is that the userName parameter is not URL encoded before sending. Therefore, the controller receives a space character (" ") instead of a plus character ("+") in the action's parameter. Because the unescaped username does not match the user's name in the database, the user is not found and the blank detail page is presented.

#275834
Edited, Mar 07, 2022 18:06
Drew Douglas
Drew Douglas
Vote:
 

Update: I can get to the Edit User detail page by substituting the url-encoded plus character in the hash portion of the url:
https://localhost:44301/EPiServer/EPiServer.Cms.UI.Admin/default#/AccessRights/Users/UserDetail/dddouglas%2btestreg5828@brillianceweb.com

#275839
Mar 07, 2022 18:47
Quan Mai
Quan Mai
Vote:
 

I will file a bug for Commerce team to look into this. Thank you for bringing this into our attention

#276316
Mar 14, 2022 10:03
Quan Mai - Mar 14, 2022 10:05
bug COM-14960, but not yet public
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.