From c018cfc3d47aaa08dbd432d5b3b4566277ca7470 Mon Sep 17 00:00:00 2001 From: AJ ONeal Date: Fri, 23 Oct 2015 01:39:12 -0700 Subject: [PATCH] remove encodeURI for now --- test.js | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/test.js b/test.js index 39fa7dd..cd4d18e 100644 --- a/test.js +++ b/test.js @@ -15,11 +15,22 @@ function generate(ke) { var companyName = $('.js-company-name').value; var userAccount = $('.js-user-account').value; - // obviously don't use this in production, but it's not so bad for the demo + /* + var otpauth = 'otpauth://totp/' + + encodeURI(companyName) + ':' + encodeURI(userAccount) + + '?secret=' + key.replace(/\s+/g, '').toUpperCase() + ; var otpauth = encodeURI('otpauth://totp/' + companyName + ':' + userAccount + '?secret=') + key.replace(/\s+/g, '').toUpperCase() ; + */ + // TODO figure out the right escaping + var otpauth = 'otpauth://totp/' + + companyName + ':' + userAccount + + '?secret=' + key.replace(/\s+/g, '').toUpperCase() + ; + // obviously don't use this in production, but it's not so bad for the demo var src = 'https://www.google.com/chart?chs=166x166&chld=L|0&cht=qr&chl=' + encodeURIComponent(otpauth); $('.js-otpauth').innerHTML = otpauth; // safe to inject because I created it