From c729972325e183cb13c0c20d7d40d9d89cb63680 Mon Sep 17 00:00:00 2001
From: Torsten Dittmann
Date: Tue, 31 Aug 2021 16:05:43 +0200
Subject: [PATCH] fix(security): replace getQuery with frontend equivalent
---
app/controllers/web/home.php | 15 ++-------------
app/views/home/auth/magicURL.phtml | 11 +++++++----
2 files changed, 9 insertions(+), 17 deletions(-)
diff --git a/app/controllers/web/home.php b/app/controllers/web/home.php
index 5805473b9..51c7c5206 100644
--- a/app/controllers/web/home.php
+++ b/app/controllers/web/home.php
@@ -201,22 +201,11 @@ App::get('/auth/magic-url')
 ->groups(['web', 'home'])
 ->label('permission', 'public')
 ->label('scope', 'home')
- ->inject('request')
- // ->inject('response')
 ->inject('layout')
- ->action(function ($request, $layout) {
- /** @var Utopia\Swoole\Request $request */ /** @var Utopia\Swoole\Response $response */
+ ->action(function ($layout) {
+ /** @var Utopia\View $layout */
 $page = new View(__DIR__.'/../../views/home/auth/magicURL.phtml');
-
- $userId = $request->getQuery('userId'); $secret = $request->getQuery('secret'); $project = $request->getQuery('project'); $page ->setParam('userId', $userId) ->setParam('secret', $secret) ->setParam('project', $project);
 $layout
 ->setParam('title', APP_NAME)
diff --git a/app/views/home/auth/magicURL.phtml b/app/views/home/auth/magicURL.phtml
index 8dc8e48ed..d3cae6885 100644
--- a/app/views/home/auth/magicURL.phtml
+++ b/app/views/home/auth/magicURL.phtml
@@ -10,11 +10,14 @@
 document.getElementById('message').style.display = 'block';
 }, 25);
- getParam('userId') . "';"; ?>
- getParam('secret') . "';"; ?>
- getParam('project') . "';"; ?>
+ const urlSearchParams = new URLSearchParams(window.location.search);
+ const { userId, secret, project } = Object.fromEntries(urlSearchParams.entries());
-const formData = new FormData();
+ const formData = new FormData();
 formData.append('userId', userId);
 formData.append('secret', secret);
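Review bot: The action now deliberately stops reading `userId`, `secret` and `project` from the query string, but nothing in the controller records why, so a later change could reinstate `$request->getQuery(...)` followed by `setParam` and reintroduce the script-context injection this commit's subject refers to (the removed view lines echo `getParam(...)` straight into a quoted JS string). A short comment above the `$page = new View(...)` line would anchor the decision: `// Do not pass userId/secret/project from the query string into the view: values echoed into its inline script are not escaped; magicURL.phtml reads them client-side via URLSearchParams instead.` The `->action` closure and the `$layout` chain continue past the hunk, so how `$page` is rendered is not visible here.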