From 2111d03ffb78027e0861d47d66a2ee9ea7b7114a Mon Sep 17 00:00:00 2001
From: Alexander Sulfrian <sulfrian@ub.fu-berlin.de>
Date: Fri, 24 May 2019 18:40:48 +0200
Subject: [PATCH] HAL: Encode username and password in login form

---
 dspace-spring-rest/src/main/webapp/login.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/dspace-spring-rest/src/main/webapp/login.html b/dspace-spring-rest/src/main/webapp/login.html
index 8895e7bba2..c7639d0868 100644
--- a/dspace-spring-rest/src/main/webapp/login.html
+++ b/dspace-spring-rest/src/main/webapp/login.html
@@ -139,7 +139,7 @@
                 url : window.location.href.replace("login.html", "") + 'api/authn/login',
                 type : 'POST',
                 async : false,
-                data : 'password='+$("#password").val()+'&user='+$("#username").val() ,
+                data : 'password='+encodeURIComponent($("#password").val())+'&user='+encodeURIComponent($("#username").val()),
                 headers : {
                     "Content-Type" : 'application/x-www-form-urlencoded',
                     "Accept:" : '*/*'