aboutsummaryrefslogtreecommitdiff
path: root/modules/authmodule-eIDAS-v2/src/main
diff options
context:
space:
mode:
Diffstat (limited to 'modules/authmodule-eIDAS-v2/src/main')
-rw-r--r--modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAustrianResidenceGuiResponseTask.java6
1 files changed, 4 insertions, 2 deletions
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAustrianResidenceGuiResponseTask.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAustrianResidenceGuiResponseTask.java
index 09b90a1d..b6b03d40 100644
--- a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAustrianResidenceGuiResponseTask.java
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAustrianResidenceGuiResponseTask.java
@@ -28,13 +28,14 @@ import static at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants.CONTEXT
import static at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants.TRANSITION_TO_GENERATE_GUI_QUERY_AUSTRIAN_RESIDENCE_TASK;
import static at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants.TRANSITION_TO_REQUESTING_NEW_ERNP_ENTRY_TASK;
+import java.net.URLDecoder;
+import java.nio.charset.StandardCharsets;
import java.util.Enumeration;
import java.util.Set;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
-import org.apache.commons.lang.StringEscapeUtils;
import org.apache.commons.lang3.StringUtils;
import org.jetbrains.annotations.NotNull;
import org.springframework.stereotype.Component;
@@ -222,7 +223,8 @@ public class ReceiveAustrianResidenceGuiResponseTask extends AbstractLocaleAuthS
AdresssucheOutputBuilder resultBuilder = AdresssucheOutput.builder();
while (reqParamNames.hasMoreElements()) {
final String paramName = reqParamNames.nextElement();
- String escaped = StringEscapeUtils.escapeHtml(request.getParameter(paramName));
+
+ String escaped = URLDecoder.decode(request.getParameter(paramName), StandardCharsets.UTF_8);
if (AdresssucheController.PARAM_MUNIPICALITY.equalsIgnoreCase(paramName)) {
resultBuilder.municipality(escaped);