From 2d322a41749849e62eeeb2d0de61b1e94b83b46d Mon Sep 17 00:00:00 2001
From: Chris <ccbrown112@gmail.com>
Date: Wed, 20 Sep 2017 08:34:30 -0500
Subject: fix error message escaping (#7467)

---
 api4/oauth.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/api4/oauth.go b/api4/oauth.go
index c3b64b608..10972fe07 100644
--- a/api4/oauth.go
+++ b/api4/oauth.go
@@ -464,7 +464,7 @@ func completeOAuth(c *Context, w http.ResponseWriter, r *http.Request) {
 		if action == model.OAUTH_ACTION_MOBILE {
 			w.Write([]byte(err.ToJson()))
 		} else {
-			http.Redirect(w, r, c.GetSiteURLHeader()+"/error?message="+err.Message, http.StatusTemporaryRedirect)
+			http.Redirect(w, r, c.GetSiteURLHeader()+"/error?message="+url.QueryEscape(err.Message), http.StatusTemporaryRedirect)
 		}
 		return
 	}
@@ -476,7 +476,7 @@ func completeOAuth(c *Context, w http.ResponseWriter, r *http.Request) {
 		if action == model.OAUTH_ACTION_MOBILE {
 			w.Write([]byte(err.ToJson()))
 		} else {
-			http.Redirect(w, r, c.GetSiteURLHeader()+"/error?message="+err.Message, http.StatusTemporaryRedirect)
+			http.Redirect(w, r, c.GetSiteURLHeader()+"/error?message="+url.QueryEscape(err.Message), http.StatusTemporaryRedirect)
 		}
 		return
 	}
-- 
cgit v1.2.3-1-g7c22