From e15f08d72a7e5f697fe4d64f1bd48465052ca115 Mon Sep 17 00:00:00 2001
From: ArthurHoaro <arthur@hoa.ro>
Date: Mon, 21 Mar 2016 19:06:46 +0100
Subject: [PATCH] Use generateLocation to set the redirection in login (and
 don't escape the url)

---
 index.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/index.php b/index.php
index 850b350..27db10b 100644
--- a/index.php
+++ b/index.php
@@ -483,7 +483,7 @@ if (isset($_POST['login']))
         if (isset($_POST['returnurl'])) {
             // Prevent loops over login screen.
             if (strpos($_POST['returnurl'], 'do=login') === false) {
-                header('Location: '. escape($_POST['returnurl']));
+                header('Location: '. generateLocation($_POST['returnurl'], $_SERVER['HTTP_HOST']));
                 exit;
             }
         }