From f3cfcc746a457274554176cdd6212486dbf54729 Mon Sep 17 00:00:00 2001
From: Jesse Wierzbinski
Date: Tue, 18 Feb 2025 12:16:39 +0100
Subject: [PATCH] fix(federation): :bug: Use encodeURI instead of encodeURIComponent This method doesn't improperly URLencode the *entire* path including the slashes
---
 federation/cryptography/index.ts | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/federation/cryptography/index.ts b/federation/cryptography/index.ts
index dfc1652..b326a32 100644
--- a/federation/cryptography/index.ts
+++ b/federation/cryptography/index.ts
@@ -152,7 +152,7 @@ export class SignatureValidator {
 new TextEncoder().encode(body),
 );
- const expectedSignedString = `${method.toLowerCase()} ${encodeURIComponent(url.pathname)} ${timestamp.getTime() / 1000} ${arrayBufferToBase64(digest)}`;
+ const expectedSignedString = `${method.toLowerCase()} ${encodeURI(url.pathname)} ${timestamp.getTime() / 1000} ${arrayBufferToBase64(digest)}`;
 // Check if signed string is valid
 const isValid = await crypto.subtle.verify(
@@ -305,7 +305,7 @@ export class SignatureConstructor {
 new TextEncoder().encode(body ?? ""),
 );
- const signedString = `${requestOrMethod.toLowerCase()} ${encodeURIComponent(
+ const signedString = `${requestOrMethod.toLowerCase()} ${encodeURI(
 url.pathname,
 )} ${finalTimestamp.getTime() / 1000} ${arrayBufferToBase64(digest)}`;
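Review bot: `encodeURI(url.pathname)` in the new `expectedSignedString` line re-encodes a value that is probably already percent-encoded: if `url` is a WHATWG `URL` (its declaration is outside the hunk), `pathname` is returned escaped and `encodeURI` turns every `%` into `%25`. Verification still agrees with SignatureConstructor because the second hunk applies the same transform, but a peer that signs the path exactly as it appears on the request would fail verification for any path containing an escaped character. Consider signing `url.pathname` unchanged, or at least pin the canonical form with a comment such as `// Signed path is encodeURI(url.pathname); must stay byte-identical to SignatureConstructor`. The diffstat shows only this file changed, so a test vector whose path contains both `/` and a percent-escape would guard this line against the next regression. The enclosing method starts and ends outside the hunk.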
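Review bot: The signed-string template in this hunk is a second copy of the one in SignatureValidator, and the fix had to be applied to both; if the two copies ever diverge, every signature this class produces is rejected by the validator. Moving the template into one module-private helper (name is a suggestion) and calling it from both sites, e.g. `const signedString = buildSignedString(requestOrMethod, url, finalTimestamp, digest);`, removes that risk. The helper's doc comment is also the place to state what the signature binds: as far as these lines show, that is the method, pathname, timestamp and body digest, but not `url.search` or the host, so query parameters are not covered unless they are checked elsewhere. The enclosing method continues outside the hunk.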