Admin UI /Users/GetUser?userName=value is not url encoded


Duplicate of

Clicking on a user name with a "+" in it in the Admin UI results in an empty Edit Detail page for the user.

The problem is that the userName parameter is not URL encoded before sending. Therefore, the controller receives a space character (" ") instead of a plus character ("+") in the action's parameter. Because the unescaped username does not match the user's name in the database, the user is not found and the blank detail page is presented.

Edited, Mar 07, 2022 18:06

Update: I can get to the Edit User detail page by substituting the url-encoded plus character in the hash portion of the url:

Mar 07, 2022 18:47

I will file a bug for Commerce team to look into this. Thank you for bringing this into our attention

Mar 14, 2022 10:03
Quan Mai - Mar 14, 2022 10:05
bug COM-14960, but not yet public
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.