Merge pull request #16 from sayhiben/master

Use CGI::escape rather than URI.escape for query params
GetAmbassador · Jun 22, 2015 · 15959b6 · 15959b6
2 parents b509bcf + dbcd682
commit 15959b6
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 1 deletion.
diff --git a/lib/mbsy.rb b/lib/mbsy.rb
@@ -1,3 +1,4 @@
+require 'cgi'
 require 'httparty'
 require 'json'
 require 'mbsy/resources/base'

diff --git a/lib/mbsy/util/single_sign_on.rb b/lib/mbsy/util/single_sign_on.rb
@@ -12,7 +12,7 @@ def self.embed_html(o)
       raise ArgumentError, "key :email is required" if options[:email].blank?
       raise ArgumentError, ":method must be either :login or :logout" unless %w(login logout).include?( options[:method].to_s )
       signature = Digest::SHA1.hexdigest( options[:api_key] + options[:email] )
-      %Q|<img src="https://#{Mbsy.user_name}.getambassador.com/sso/#{options[:method]}/?token=#{options[:token]}&email=#{URI.escape(options[:email])}&signature=#{signature}" style="border: none; visibility: hidden" alt="" />|
+      %Q|<img src="https://#{Mbsy.user_name}.getambassador.com/sso/#{options[:method]}/?token=#{options[:token]}&email=#{CGI::escape(options[:email])}&signature=#{signature}" style="border: none; visibility: hidden" alt="" />|
     end