From ddde90fc1afd45322bce25687661d515736b83c0 Mon Sep 17 00:00:00 2001
From: Stef Walter <stef@memberwebs.com>
Date: Thu, 11 Mar 2010 01:01:49 +0000
Subject: Properly escape the URL used for return to and realm.

The url path provided by apache was not escaped. Make sure
to escape it before use.
---
 module/mod_auth_singleid.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/module/mod_auth_singleid.c b/module/mod_auth_singleid.c
index 4520009..bff48fb 100644
--- a/module/mod_auth_singleid.c
+++ b/module/mod_auth_singleid.c
@@ -963,7 +963,7 @@ sid_request_url (sid_request_t *req, int with_path)
 	host = req->rec->hostname ? req->rec->hostname : ap_get_server_name (req->rec);
 	scheme = is_ssl ? "https" : "http";
 	port = ap_get_server_port (req->rec);
-	uri = with_path && req->rec->uri ? req->rec->uri : "";
+	uri = with_path && req->rec->uri ? ap_escape_uri (req->rec->pool, req->rec->uri) : "";
 
 	/* Default ports? */
 	if ((port == 80 && !is_ssl) || (port == 443 && is_ssl))
-- 
cgit v1.2.3