• We value your experience with Plesk during 2024
    Plesk strives to perform even better in 2025. To help us improve further, please answer a few questions about your experience with Plesk Obsidian 2024.
    Please take this short survey:

    https://pt-research.typeform.com/to/AmZvSXkx

  • We are developing a new feature in Plesk that will help you promote your websites or business on social media. We want to conduct a one-hour online UX test to present the prototype and collect feedback. If you are interested in the feature, please book a meeting via this link.
    Thank you in advance!
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

Forwarded to devs password forgot link not alway copies correct

Linulex

Silver Pleskian
TITLE:
password forgot link not alway copies correct
PRODUCT, VERSION, OPERATING SYSTEM, ARCHITECTURE:
Plesk Onyx Version 17.8.11 Update #28, and possible all other plesk vesions
all os'es, all systems, etc... this is a plesk issue and is indepentent from os
PROBLEM DESCRIPTION:
When using the password forgot link, a mail is send to the customer, so far so good. When this the code has a % in it, it is not always copied correct and the average customer never heard of ascii code.

for example

/ch_pass_by_secret.php?secret=iifh88QNzj1Y1uAlssmQZsNdGhbdVu1s3naRHG3x44Q%3D

changed to

/ch_pass_by_secret.php?secret=iifh88QNzj1Y1uAlssmQZsNdGhbdVu1s3naRHG3x44Q=

because %3D is the ascii code for =

And for the average customer, "IT" doesn't work, and he gets frustrated.

regards
Jan​
STEPS TO REPRODUCE:
send a forgot email, keep sending it till a code sequence is that of a raw ascii sign

for example

/ch_pass_by_secret.php?secret=iifh88QNzj1Y1uAlssmQZsNdGhbdVu1s3naRHG3x44Q%3D​
ACTUAL RESULT:
when clicked it is changed into this and the user gets an error that the secret code is not correct

/ch_pass_by_secret.php?secret=iifh88QNzj1Y1uAlssmQZsNdGhbdVu1s3naRHG3x44Q=​
EXPECTED RESULT:
secret must be

iifh88QNzj1Y1uAlssmQZsNdGhbdVu1s3naRHG3x44Q%3D​
ANY ADDITIONAL INFORMATION:
Maybe some warning in the e-mail that it would be possible the the code have to be copied manual if it doesn't work.
YOUR EXPECTATIONS FROM PLESK SERVICE TEAM:
Help with sorting out
 
additional info:

copying the link in the field does not work: it keeps saying: wrong secret code.
 
Questions from developer:

1. Is user able to change a password? If yes, what is the problem?
2. There is no bug here. The secret in the example is URL encoded, so, when it is decoded, %3D has been changed with = – it is absolutely correct.
 
I guess the user uses some sort of webmail.
Can he open the mail as plain text, copy such URL and past it into the browser location bar?
 
At the moment the user can not do this anymore because i have reset his password for him via plesk.

But as i reported: that doesnt work.

additional info:

copying the link in the field does not work: it keeps saying: wrong secret code.

regards
Jan
 
Back
Top