diff --git a/api-users.go b/api-users.go
index b5a47ad..8af1efc 100644
--- a/api-users.go
+++ b/api-users.go
@@ -2,6 +2,7 @@ package main
import (
"fmt"
+ "net/url"
"os"
"strings"
"time"
@@ -927,12 +928,17 @@ func (app *appContext) GetAnnounceTemplates(gc *gin.Context) {
// @Produce json
// @Success 200 {object} announcementTemplate
// @Failure 400 {object} boolResponse
-// @Param name path string true "name of template"
+// @Param name path string true "name of template (url encoded if necessary)"
// @Router /users/announce/template/{name} [get]
// @Security Bearer
// @tags Users
func (app *appContext) GetAnnounceTemplate(gc *gin.Context) {
- name := gc.Param("name")
+ escapedName := gc.Param("name")
+ name, err := url.QueryUnescape(escapedName)
+ if err != nil {
+ respondBool(400, false, gc)
+ return
+ }
if announcement, ok := app.storage.GetAnnouncementsKey(name); ok {
gc.JSON(200, announcement)
return
diff --git a/ts/modules/accounts.ts b/ts/modules/accounts.ts
index 2365b60..95a39e9 100644
--- a/ts/modules/accounts.ts
+++ b/ts/modules/accounts.ts
@@ -1275,8 +1275,9 @@ export class accountsList {
el.innerHTML = `
${name}×
`;
+ let urlSafeName = encodeURIComponent(encodeURIComponent(name));
(el.querySelector("span.accounts-announce-template-button") as HTMLSpanElement).onclick = () => {
- _get("/users/announce/" + name, null, (req: XMLHttpRequest) => {
+ _get("/users/announce/" + urlSafeName, null, (req: XMLHttpRequest) => {
if (req.readyState == 4) {
let template: announcementTemplate;
if (req.status != 200) {
@@ -1289,7 +1290,7 @@ export class accountsList {
});
};
(el.querySelector("span.accounts-announce-template-delete") as HTMLSpanElement).onclick = () => {
- _delete("/users/announce/" + name, null, (req: XMLHttpRequest) => {
+ _delete("/users/announce/" + urlSafeName, null, (req: XMLHttpRequest) => {
if (req.readyState == 4) {
if (req.status != 200) {
window.notifications.customError("deleteTemplateError", window.lang.notif("errorFailureCheckLogs"));